[CLUE-Admin] CLUE DNS (long) [was Fwd: Re: [NCLUG] CLUE North Meeting, Thurs 21 Nov]

David Anselmi anselmi at americanisp.net
Wed Nov 20 09:20:09 MST 2002 

Well, you asked for it :-)

Jeffery Cann wrote:
[...]
> 
> Dave,
> 
> Perhaps I am confused, but AFAIK, Techangle's name servers are not the 
> problem.  Our zone file is not maintained by Techangle.  Techangle simply 
> gave Chris What-Ever-His-Name-Is at Qwest the IP address for the box.

It could have been done that way, and perhaps once it was.  But our zone 
is kept at Techangle and Chris G just delegates the domain there.  The 
same way, the people at .org delegate cluedenver.org to the Techangle 
nameservers.

> I thought the problem is that we (as in any CLUE board guys) have no rights to 
> make changes to delegation of the .denver.co.us because we don't own it.  The 
> problem appears to be with the folks who run the delegation from this domain.  
> Their name server(s) appear to be flaky over the past 2 months.

No, as far as I can tell the flakiness is between Techangle and our 
users.  That is not to point the finger at them--it could be network or 
routing problems getting in to them as easily as problems at their dns 
server.  But what I saw was that queries to dns0.techangle.com were not 
answered.  I'd be happy to be corrected if I've missed something.

Here are the details of what's where in DNS.  I used nslookup for this, 
but host and dig might be easier.

First we ask for the nameservers for denver.co.us. and we get:

denver.co.us    nameserver = ns1.westnet.net
denver.co.us    nameserver = NS.UTAH.EDU

Now we ask one of those to list all the records for denver.co.us. and 
grep for techangle and we get:

lug.denver.co.us.              NS     dns0.techangle.com
lug.denver.co.us.              NS     ta5.techangle.com
linux.denver.co.us.            NS     dns0.techangle.com
linux.denver.co.us.            NS     ta5.techangle.com
clue.denver.co.us.             NS     dns0.techangle.com
clue.denver.co.us.             NS     ta5.techangle.com

(The ta5 entry is wrong, but we're working on it.)  This is what 
delegation looks like--denver.co.us has delegated our 3 domains to us 
and we host them on techangle's nameservers.

Now we ask dns0.techangle.com to list clue.denver.co.us (note the SOA 
lines wrap):

clue.denver.co.us.             SOA    clue.denver.co.us
     hostinfo.techangle.com. (200 28800 7200 86400 86400)
clue.denver.co.us.             NS     dns0.techangle.com
clue.denver.co.us.             NS     kessel.techangle.com
clue.denver.co.us.             NS     corelia.techangle.com
clue.denver.co.us.             NS     coruscant.techangle.com
clue.denver.co.us.             MX     10   ta8.techangle.com
clue.denver.co.us.             A      199.239.19.17
clue.clue.denver.co.us.        CNAME  ta8.clue.denver.co.us
ftp.clue.denver.co.us.         CNAME  ta8.clue.denver.co.us
imap.clue.denver.co.us.        CNAME  ta8.clue.denver.co.us
lug.clue.denver.co.us.         CNAME  ta8.clue.denver.co.us
mail.clue.denver.co.us.        CNAME  ta8.clue.denver.co.us
pop.clue.denver.co.us.         CNAME  ta8.clue.denver.co.us
smtp.clue.denver.co.us.        CNAME  ta8.clue.denver.co.us
ta8.clue.denver.co.us.         A      199.239.19.17
www.clue.denver.co.us.         CNAME  ta8.clue.denver.co.us
clue.denver.co.us.             SOA    clue.denver.co.us
     hostinfo.techangle.com. (200 28800 7200 86400 86400)

This is basically our zone file (and there are similar ones for our 
linux and lug domains).  It is kept on the Techangle name servers.

The way we set this up was to submit the form at 
http://clue.denver.co.us/admin/domain.html, telling the admins of the 
denver.co.us domain to delegate clue.denver.co.us to us and what 
nameservers will host us.  Techangle did a similar thing (though 
probably more quickly through the web) to set up cluedenver.org for us.

So we have 3 sets of records--delegation records at denver.co.us and at 
.org, and zone records at Techangle.  We only need to change the 
delegation records if Techangle changes the names of our nameservers. 
To change those we talk to Chris G or .org (we talk to .org via Roy). 
We only change the zone records if we change our IP address or names 
within our domain (by asking Dave H or Roy).

When we had the day long problem a few weeks ago, I did lookups at .us, 
denver.co.us, and clue.denver.co.us.  The only ones that failed were for 
clue.denver.co.us.  There may have been some flakiness resolving the 
Techangle nameservers--at one point I thought I found different IPs for 
them but I could have been wrong.

Dave

More information about the clue-admin mailing list