From owner-freebsd-questions@FreeBSD.ORG Fri Nov 5 20:15:37 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7EC13106566B for ; Fri, 5 Nov 2010 20:15:37 +0000 (UTC) (envelope-from kline@thought.org) Received: from thought.org (plato.thought.org [209.180.213.209]) by mx1.freebsd.org (Postfix) with ESMTP id 30C428FC0C for ; Fri, 5 Nov 2010 20:15:35 +0000 (UTC) Received: by thought.org (Postfix, from userid 1001) id 2959CE82006; Fri, 5 Nov 2010 13:15:35 -0700 (PDT) Date: Fri, 5 Nov 2010 13:15:35 -0700 From: kline To: Jon Radel Message-ID: <20101105201534.GB18133@thought.org> References: <201011040210.oA42A7rb008179@mail.r-bonomi.com> <20101104055900.GA4796@thought.org> <4CD269F8.3040105@bah.homeip.net> <1288930975.2625.35.camel@newtao.thought.org> <4CD396DB.5000204@radel.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4CD396DB.5000204@radel.com> X-Organization: Thought Unlimited. Public service Unix since 1986. X-Of_Interest: With 24 years of service to the Unix community. User-Agent: Mutt/1.5.20 (2009-06-14) Cc: freebsd-questions@freebsd.org Subject: Re: ATTN GARY KLINE X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Nov 2010 20:15:37 -0000 On Fri, Nov 05, 2010 at 01:32:11AM -0400, Jon Radel wrote: > On 11/5/10 12:22 AM, kline wrote: > > > >i''m using evo to be able to click on. i have fewer ``Fail'' type > >responses, but do not understand the failure messages. Also, since it > >has been 9.5 years since I read DNS AND BIND, the jargon is lost. What > >does "glue" means? and how should I resolve? > > > >It is time to get this stuff arrow-straight, so hoping that someone > >on-list can clue me in. > > > > > >tx, > > > > > >gary > > > >http://www.dnscog.com/report/thought.org/1288928790 > If your parents, the nameservers authoritative for .org, tell the > world that one of the nameservers for thought.org is > ns1.thought.org, they also have to tell the world what the IP > address for ns1.thought.org is using an A record. That A record is > glue. Otherwise you get a machine conversation something like: > > Resolving nameserver trying to find a record in the thought.org zone > (RN): Please Mr. root server, I'd like to know about > www.thought.org.... > Root: See the .org folks over there.... > RN: Please Mr. top-level dude, about that www.thought.org.... > Org: Well, see ns1.thought.org.... > RN: Ahem, I'm trying to find out basic stuff about thought.org and > I don't know the address for ns1.thought.org in order to ask it > Org: Well, ask ns1.thought.org what the address for ns1.thought.org is... > RN: But, but, but....followed by petulant stomping off > > Glue A records fix that problem. > > BTW, the fact that a glue record isn't returned for ns2.everydns.net > in response to a query about NS records for thought.org really isn't > a problem; note the "info" rather than "fail" from DNSCog. I did not see the "info" tag, thanks. Here is what I have for my "A" recordes in thought.org's external [and internal] filees. Note that plsto and ns1 are different computers. plato is my firewall. thought.org.e.hosts:19:ethic A 209.180.213.210 thought.org.e.hosts:20:plato A 209.180.213.209 thought.org.e.hosts:21:ns1 A 209.180.213.209 thought.org.i.hosts:14:ethic A 10.47.0.230 thought.org.i.hosts:15:plato A 10.47.0.1 thought.org.i.hosts:16:tao A 10.47.0.250 thought.org.i.hosts:18:zen A 10.47.0.190 FWIW, ethic *is* ns1. LAst time someone criticized having three IP's with the same quad decimal. (A couple years ago I was sown for several days and my wife had to talk with some tech [from Qwest]. He was either in Mumbai or Manilla and had her erase a bunch of lines from my "modem"/router. I don't think that has any effect here, tho I may be wrong.) > > Biggest problem I still see is that ns2.everydns.net refuses to > respond to queries about thought.org. You sure your account there > is still active and functional and that you're allowing zone > transfers to them? I note that you don't allow transfers from > arbitrary addresses, and > http://www.everydns.com/faq/secondary-domain/example-setup does warn > that the source address for transfer requests was/will/did change. I saw that and chaanged it, allowing transfers a day or two ago. Where do I look in /var/log/ to see if these actually happened? It may be that everydns.net got tired of requests and I need to re-do something. > > Some of the problems reported by DNSCog appear to be bogus. They've > got some bugs related to cases where a nameserver has a name in the > domain in question. (And also some bugs related to nameservers > which are reachable by both ipv4 and ipv6, but that doesn't apply to > you.) > Thankee much. I'll grep around for xfer in /var/log/* and hopefully see something from I recognize.) gary > > --Jon Radel > jon@radel.com > > -- Gary Kline kline@thought.org http://www.thought.org Public Service Unix The 7.90a release of Jottings: http://jottings.thought.org/index.php An Open Letter to Stephen Hawking http://www.thought.org/#oL