Date:      Fri, 18 Dec 2009 13:45:39 +1100 (EST)
From:      Ian Smith <smithi@nimnet.asn.au>
To:        Gary Kline <kline@thought.org>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: is this getting out?
Message-ID:  <20091218124159.Q12012@sola.nimnet.asn.au>
In-Reply-To: <20091217163447.EBF3010656F5@hub.freebsd.org>
References:  <20091217163447.EBF3010656F5@hub.freebsd.org>

In freebsd-questions Digest, Vol 289, Issue 4, Message 14
On Sat, 12 Dec 2009 15:32:07 -0800 Gary Kline <kline@thought.org> wrote:
 > ariatotle is offline; i'm exclusively on my new server.  will 
 > somebody please do a dig thought.org and see if they see what i see?
 > 
 > 	hope i get this.....

At this moment just seeing SERVFAIL for thought.org, and (thus) its 
listed nameservers at your registrar:
 Name Server:NS1.THOUGHT.ORG
 Name Server:ETHIC.THOUGHT.ORG

=======
smithi on sola% dig thought.org

; <<>> DiG 9.3.4-P1 <<>> thought.org
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 20499
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;thought.org.                   IN      A

;; Query time: 4730 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Dec 18 12:35:32 2009
;; MSG SIZE  rcvd: 29
=======

That's from Australia (as good as anywhere else in this regard :)

It's a bit fraught, and not recommended (indeed, frowned upon by RFCs), 
to have both/all of your domain nameserver IPs on one physical network.

I know you had too many before, but if you know someone who can and will 
provide secondary/slave DNS for you, with a decent expiry time you can 
be offline for longish periods without your domain disappearing from 
view, even if your mail/web/etc servers are temporarily offline.

Rather than having to ask others to look it up, try locating some public 
recursive nameserver that you can use, maybe provided by your ISP, let's 
call it ns1.example.org .. then (assuming basic connectivity) you can:

% dig @ns1.example.org [whatever.]thought.org [a|ns|soa|mx|..]

to check visibility for yourself while you're tinkering with your DNS, 
remembering to allow time for changes to propagate.  So it's best to be 
running a short default TTL (say 3600 seconds) until you're running ok, 
then once OK increase it to something more reasonable, say 1 day.

Don't forget to increase your zone's serial number with each change to 
your configuration, or slave servers won't notice and fetch updates.  
If in doubt, it never hurts to bump the serial and restart named.  Use 
the standard format so you never use a smaller integer than before, eg 
2009121801 for the first update today.  Check the supplied HTML docs.

Ensure that your firewall allows both TCP and UDP connections inbound on 
port 53 on each of your externally accessible nameservers, and of course 
allows response traffic outbound.

cheers, Ian

PS because thought.org is SERVFAIL at the mo, you won't get this mail 
direct till the domain reappears here.  It'll be queued for two days.
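
The serial-number advice in the message above, as an added example that is not part of the original mail: it reads the current serial from `dig +short SOA` output and computes the next one in YYYYMMDDnn form without ever going backwards. The function names `serial_from_soa` and `next_serial` are hypothetical.

```shell
#!/bin/sh
# Hypothetical helpers (names are assumptions, not from the original mail).

# serial_from_soa: read `dig +short SOA <zone>` output on stdin and print
# the serial, which is the third field of the SOA record data.
serial_from_soa() {
    awk 'NF >= 7 { print $3; exit }'
}

# next_serial CURRENT [TODAY]: print the next serial in YYYYMMDDnn form.
# The result is always greater than CURRENT, so slaves notice the change.
next_serial() {
    current=$1
    today=${2:-$(date -u +%Y%m%d)}

    case $current in
        ''|*[!0-9]*) echo "bad serial: '$current'" >&2; return 1 ;;
    esac
    case $today in
        [0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]) ;;
        *) echo "bad date: '$today'" >&2; return 1 ;;
    esac

    # Drop leading zeros so the shell does not read the value as octal.
    current=${current#"${current%%[!0]*}"}
    current=${current:-0}
    if [ "${#current}" -gt 10 ]; then
        echo "serial too large" >&2; return 1
    fi

    floor="${today}01"                 # first update of the day
    if [ "$current" -lt "$floor" ]; then
        next=$floor
    else
        # Already changed today, or the serial runs ahead of the calendar
        # (for example after nn reached 99): keep counting upward.
        next=$((current + 1))
    fi

    # The SOA serial is an unsigned 32-bit field.
    if [ "$next" -gt 4294967295 ]; then
        echo "serial would overflow 32 bits" >&2; return 1
    fi
    echo "$next"
}
```

To use the live value, pipe `dig +short soa thought.org @ns1.example.org` into `serial_from_soa` and pass the result to `next_serial`.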


