Answer the question
In order to leave comments, you need to log in
V
V
Vladislav Yaroslavlev2012-11-23 13:12:51
Vladislav Yaroslavlev, 2012-11-23 13:12:51
Incorrect NSs, but how does it work?
The NS's are invalid, but the A-record is resolved. How?
C:\>nslookup -q=NS izumrudniy-gorod.ru 8.8.8.8
Server: google-public-dns-a.google.com
Address: 8.8.8.8
Non-authoritative answer:
izumrudniy-gorod.ru nameserver = ns1.ChelnySvadba
izumrudniy-gorod.ru nameserver = ns2.ChelnySvadba
C:\>nslookup -q=A izumrudniy-gorod.ru 8.8.8.8
Server: google-public-dns-a.google.com
Address: 8.8.8.8
Non-authoritative answer:
Name: izumrudniy-gorod.ru
Address: 77.222.40.91
3 answer(s)
@merlin-vrn
Then your recursive DNS server addresses one of these servers to resolve names within the izumrudniy-gorod.ru zone, and receives the following responses from these servers:
(And the SOA record is also wrong there.)
If you remove the delegation now, and then try to do it again without correcting this nonsense in the zone, a normal registrar will delegate the domain to such servers (i.e. register records your-domain NS your -server). Now it works, I repeat, because once, when the delegation was done, the entries there were correct.
@Otkrick
M
merlin-vrn, 2012-11-25 @merlin-vrn
It works because once, in 2008, when the delegation was just being done, the zone was correct, but it was spoiled later.
Resolution happens like this:
DNS servers of the ru zone. give a response like:
$ dig -t ns izumrudniy-gorod.ru. @a.dns.ripn.net.
; <<>> DiG 9.8.1 <<>> -t ns izumrudniy-gorod.ru. @a.dns.ripn.net.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51951
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;izumrudniy-gorod.ru. IN NS
;; AUTHORITY SECTION:
izumrudniy-gorod.ru. 345600 IN NS ns2.r16.biz.
izumrudniy-gorod.ru. 345600 IN NS ns1.r16.biz.
;; Query time: 18 msec
;; SERVER: 193.232.128.6#53(193.232.128.6)
;; WHEN: Sun Nov 25 13:41:42 2012
;; MSG SIZE rcvd: 80
Then your recursive DNS server addresses one of these servers to resolve names within the izumrudniy-gorod.ru zone, and receives the following responses from these servers:
$ dig -t ns izumrudniy-gorod.ru. @ns1.r16.biz.
; <<>> DiG 9.8.1 <<>> -t ns izumrudniy-gorod.ru. @ns1.r16.biz.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62400
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;izumrudniy-gorod.ru. IN NS
;; ANSWER SECTION:
izumrudniy-gorod.ru. 3600 IN NS ns1.ChelnySvadba.
izumrudniy-gorod.ru. 3600 IN NS ns2.ChelnySvadba.
;; Query time: 92 msec
;; SERVER: 5.187.0.37#53(5.187.0.37)
;; WHEN: Sun Nov 25 13:42:17 2012
;; MSG SIZE rcvd: 85
(And the SOA record is also wrong there.)
If you remove the delegation now, and then try to do it again without correcting this nonsense in the zone, a normal registrar will delegate the domain to such servers (i.e. register records your-domain NS your -server). Now it works, I repeat, because once, when the delegation was done, the entries there were correct.
O
Otkrick, 2012-11-23 @Otkrick
From the cache? Google Public DNS is better not to use, it is not standardized. Once a day he killed to catch a mistake, it turned out that he: 1. With several A-records, he chose only the first one; 2. Didn't support round-robin.
Similar questions
P
K
M
K
I
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question