Previous | Table of Contents | Next |
You Cant See Me!
Lets say that you stop getting emaileven junk email. You pick up the phone and call your friend Space Monkey, who tells you that his email is getting bounced back to him. Hes terribly busy being a successful businessman so he hangs up before you can get details. However, he does mention that he cant get to your Web pages either. You suspect that theres probably an outside-to-inside DNS problem, because you can ping everybody in the world and can resolve their DNS addresses inside to outside.
So, how do you check the how the outside world looks you up? The first thing you do is (you guessed it) fire up nslookup. Lets start off by checking your DNS server, the most likely culprit:
$ nslookup - dns.frob.com Default Server: dns.frob.com Address: 167.195.160.6 > www Server: dns.frob.com Address: 127.0.0.1 Name: wizard.frob.com Address: 167.195.160.10 Aliases: www.frob.com > mail Server: dns.frob.com Address: 127.0.0.1 Name: dragon.frob.com Address: 167.195.160.8 Aliases: mail.frob.com
Many (but not all) DNS servers on the Internet are called dns or ns to designate whether theyre domain name servers or just name servers in general.
Hmm. Everything looks OK from a local standpoint.
Well, your DNS server is, in fact, dealing with the worldwhen it gets queries about your domain, it answers just fine. If this wasnt the case, you would troubleshoot it further: Is it down? Have its data files been corrupted? (If so, you should restore from a backup.)
The DNS server is okay, so well move on to other possible problems. Using nslookup again, lets find out how the root servers are telling others to look up your server. In other words, we need to look at the SOA record for your domain, starting from the beginning:
$ nslookup - moria.co.chatham.ga.us Default Server: moria.co.chatham.ga.us Address: 167.195.160.6 > set type=soa > server a.root-servers.net Default Server: a.root-servers.net Address: 198.41.0.4 > frob.com. Server: a.root-servers.net Address: 198.41.0.4 Authoritative answers can be found from: frob.com nameserver = NS4.frob.com frob.com nameserver = NS2.frob.com NS4.frob.com internet address = 167.195.160.15 NS2.frob.com internet address = 167.195.160.6
Whoa! Whats going on? Theres an IP address listed here for a server you dont know about. Actually, you do know about it, but its a server thats due to be rolled out next month, not this month. Apparently, one of your co-workers has jumped the gun and told the powers-that-be on the Internet that your name server has moved to this new address. Unfortunately, your current name server isnt listed due to a paperwork foul-up. A quick visit to the www.internic.net page (the clearinghouse for most domain names) and a discussion with your co-worker fixes this.
This scenario is unlikely (although Ive seen it happen). However, it gives you an idea of the type of havoc that can go on in the world of DNS. Ive even seen companies where a disgruntled system administrator has stolen the domain name after having left the company, leaving the company unable to get email or Web visits from the outside.
Eek! Can this happen? Unfortunately, yes. Two contacts are listed on a DNS entry: the administrative contact and the technical contact. If a system administrator lists himself as both, he can do an address change to his home address and then, after leaving the company, change the SOA record to something else. Theres not a lot you can do about this (from a technical standpoint). Your best bet is to pursue this from a business standpoint: Let the InterNIC (www.internic.net) know whats happened and enter into a domain name dispute. More than likely, youll be able to get your domain name back without having to get legal-eagle about it.
Previous | Table of Contents | Next |