NS entries not changing, Authority Records Blank

[Serge Rozentsvet]

We have purchased a domain name and are trying to set up a Windows 2000
Server box to host both the DNS and the actual website. I know that this is
not the ideal way to host, but it's the only option at the moment.

The DNS is set up and seems to be working, however the Registrar keeps
telling us that they are unable to change the NS entries to point to our
box. They claim that the entries are invalid. I have checked the records
externally via www.network-tools.com/nslook/ and everything looks fine.

The only thing that COULD be not right, as far as I can see is that the
NsLookup returns ANSWER RECORDS but no AUTHORITY RECORDS.
How can I change this, if I should at all?

Here's the latest dump from www.network-tools.com/nslook/ for domain name
russianspy.biz from the x101.no-ip.biz name server:

x101.no-ip.biz [211.30.3.130] returned an authoritative response in 266 ms:
Answer records
name class type data time to live
russianspy.biz IN A 211.30.3.130 3600s (1h)
russianspy.biz IN NS x101.no-ip.biz 3600s (1h)
russianspy.biz IN NS russianspy.no-ip.biz 3600s (1h)
russianspy.biz IN SOA server: x101.no-ip.biz
email: (e-mail address removed)
serial: 209
refresh: 900
retry: 600
expire: 86400
minimum ttl: 3600
3600s (1h)
russianspy.biz IN MX preference: 1
exchange: russianspy.biz
3600s (1h)
Authority records
[none]
Additional records
name class type data time to live
russianspy.biz IN A 211.30.3.130 3600s (1h)

And here's the same dump from ns1.austdomains.com.au name server
(Registrar):

ns1.austdomains.com.au [202.0.185.9] returned a non-authoritative response
in 265 ms: Answer records
[none]
Authority records
name class type data time to live
russianspy.biz IN NS ns2.austdomains.com.au 7187s (1h 59m 47s)
russianspy.biz IN NS ns1.austdomains.com.au 7187s (1h 59m 47s)
Additional records
name class type data time to live
ns2.austdomains.com.au IN A 202.0.185.9 38400s (10h 40m)
ns1.austdomains.com.au IN A 202.0.185.9 38400s (10h 40m)


As seen above, AUTHORITY RECORDS in x101.no-ip.biz returns NONE...

Is there anything else I should be looking at ?

Thanks a lot in advance.

 

[Deji Akomolafe]

nf1.no-ip.com is claiming to be the NameServer for x101.no-ip.biz and
no-ip.biz. It properly responds to queries for A records for both domains,
but it does not respond to queries for NS records; instead it does a
referrral. So, it doesn't seem to think it's the authoritative server for
those domains. This can happen if nf1.no-ip.com is NOT the server listed as
the "Primary Server" on the "Start of Authority" tab of those 2 zones. If
you look at that setting, you will likely see the internal name of your DNS
server. This is very likely because these zones are AD-integrated. If you
manually hard-code nf1.no-ip.com into the "Primary Server" field, it will
get overwritten shortly. What you can do is change the zones from
AD-integrated to Primary zones and then make sure that the name in the
"Primary Server" field is nf1.no-ip.com or whatever the external name of
your DNS server is supposed to be.
--
Sincerely,

Dèjì Akómöláfé, MCSE MCSA MCP+I
www.akomolafe.com
www.iyaburo.com
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon

We have purchased a domain name and are trying to set up a Windows 2000
Server box to host both the DNS and the actual website. I know that this is
not the ideal way to host, but it's the only option at the moment.

The DNS is set up and seems to be working, however the Registrar keeps
telling us that they are unable to change the NS entries to point to our
box. They claim that the entries are invalid. I have checked the records
externally via www.network-tools.com/nslook/ and everything looks fine.

The only thing that COULD be not right, as far as I can see is that the
NsLookup returns ANSWER RECORDS but no AUTHORITY RECORDS.
How can I change this, if I should at all?

Here's the latest dump from www.network-tools.com/nslook/ for domain name
russianspy.biz from the x101.no-ip.biz name server:

x101.no-ip.biz [211.30.3.130] returned an authoritative response in 266 ms:
Answer records
name class type data time to live
russianspy.biz IN A 211.30.3.130 3600s (1h)
russianspy.biz IN NS x101.no-ip.biz 3600s (1h)
russianspy.biz IN NS russianspy.no-ip.biz 3600s (1h)
russianspy.biz IN SOA server: x101.no-ip.biz
email: (e-mail address removed)
serial: 209
refresh: 900
retry: 600
expire: 86400
minimum ttl: 3600
3600s (1h)
russianspy.biz IN MX preference: 1
exchange: russianspy.biz
3600s (1h)
Authority records
[none]
Additional records
name class type data time to live
russianspy.biz IN A 211.30.3.130 3600s (1h)

And here's the same dump from ns1.austdomains.com.au name server
(Registrar):

ns1.austdomains.com.au [202.0.185.9] returned a non-authoritative response
in 265 ms: Answer records
[none]
Authority records
name class type data time to live
russianspy.biz IN NS ns2.austdomains.com.au 7187s (1h 59m 47s)
russianspy.biz IN NS ns1.austdomains.com.au 7187s (1h 59m 47s)
Additional records
name class type data time to live
ns2.austdomains.com.au IN A 202.0.185.9 38400s (10h 40m)
ns1.austdomains.com.au IN A 202.0.185.9 38400s (10h 40m)


As seen above, AUTHORITY RECORDS in x101.no-ip.biz returns NONE...

Is there anything else I should be looking at ?

Thanks a lot in advance.

 

[Serge Rozentsvet]

So I should make the "nf1.no-ip.com" SOA for my domain (russianspy.biz)?
Please note that I have nothing to do with no-ip.biz - the only thing I can
change is the IP address for x101.no-ip.biz & russianspy.no-ip.biz.

 

[Kevin D. Goodknecht [MVP]]

In

We have purchased a domain name and are trying to set up a Windows
2000 Server box to host both the DNS and the actual website. I know
that this is not the ideal way to host, but it's the only option at
the moment.

The DNS is set up and seems to be working, however the Registrar keeps
telling us that they are unable to change the NS entries to point to
our box. They claim that the entries are invalid. I have checked the
records externally via www.network-tools.com/nslook/ and everything

Is there anything else I should be looking at ?

Thanks a lot in advance.

While your nameserver at 211.30.3.130 is answering if queried directly, it
is returning private records which cannot be used accross the internet. Also
there is no Public Name server listed at IP 211.30.3.130, that is why your
registrar cannot change the public record to use your DNS server.
Before you can use this nameserver for public content, it needs a host name
and its IP registered at a public gTLD server as a public name server and it
must only return Public routable IP addresses.
The point I am getting at here is, even if you have a hostname registered
for this DNS server, resolution from it will be very inconsistent or, may
NOT work at all.


W:\>W:\Netdig /i
Default Server: 192.168.0.2 (kjweb.lsaol.com)

server 211.30.3.130
russianspy.biz any

opcode: Query, status: NOERROR, id: 23
flags: qr aa rd ra; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 5

QUESTION SECTION:
russianspy.biz. IN ANY

ANSWER SECTION:
russianspy.biz. 600 IN A 10.10.10.10
russianspy.biz. 3600 IN A 211.30.3.130
russianspy.biz. 600 IN A 10.10.1.10
russianspy.biz. 3600 IN NS server.russianspy.biz.
russianspy.biz. 3600 IN NS x101.no-ip.biz.
russianspy.biz. 3600 IN NS russianspy.no-ip.biz.
russianspy.biz. 3600 IN SOA server.russianspy.biz.
postmaster.russians
py.biz. 247 900 600 86400 3600
russianspy.biz. 3600 IN MX 1 russianspy.biz.

ADDITIONAL SECTION:
server.russianspy.biz. 3600 IN A 10.10.1.10
server.russianspy.biz. 3600 IN A 10.10.10.10
russianspy.biz. 600 IN A 10.10.10.10
russianspy.biz. 600 IN A 211.30.3.130
russianspy.biz. 600 IN A 10.10.1.10

Query time: 1713 ms
Server : 211.30.3.130:53 udp (211.30.3.130)
When : 4/21/2004 8:15:18 AM
Size rcvd : 294

 

[Serge Rozentsvet]

We'll be migrating DNS to another box within the next couple of days -
that'll take care of the private 10.x.x.x addresses you saw. Meanwhile, how
do I register my server/IP as a public NS?

 

[Kevin D. Goodknecht [MVP]]

In

We'll be migrating DNS to another box within the next couple of days -
that'll take care of the private 10.x.x.x addresses you saw.
Meanwhile, how do I register my server/IP as a public NS?

Most registrars allow you to do this on their domain administration
interface on their website. You may have to E-mail them to ask how it is
done.

What you need for example is a name server registered and listed at the .biz
TLD servers for NS1.RUSSIANSPY.BIZ at IP 211.30.3.130.

Once the name server and IP are registered and listed at the .biz TLD
servers then you can make it Authoritative for your domain or other domains.
BTW, you need two Authoritative DNS servers for each domain, if you only
have one DNS or IP address available for public content DNS, you need to
have a deal setup for someone else to host a secondary zone for any domain
you host. Your ISP may do this or some other DNS hosting provider.

 

[Serge Rozentsvet]

Thanks a lot.
My registrar has E-Mailed me today similar information. Could you explain
the process of registering NS servers in a bit more detail?

Thanks again,

S. Rozentsvet

 

[Kevin D. Goodknecht [MVP]]

In

Thanks a lot.
My registrar has E-Mailed me today similar information. Could you
explain the process of registering NS servers in a bit more detail?

Not much detail to it, some registrars have a page for creating the name
server host records.
If they don't email them with the host name and its IP address, You can use
something like NS.RUSSIANSPY.BIZ with IP 211.30.3.130.

It can take 24 to 48 hours, you can go to http://www.internic.net/whois.html
and do a whois search on either the host name or IP address of your
registered name server.