<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Thanks Heinz. I lowered the refresh
time yesterday and I've just seriously increased the serial. It
has become a bit curiouser though. Telstra's
lon-resolver.telstra.net appears to be returning the correct
record when queried from a USA server:<br>
<br>
# dig @203.50.2.71 xxxxx.net any<br>
<br>
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.5
<<>> @203.50.2.71 xxxxx.net any<br>
; (1 server found)<br>
;; global options: printcmd<br>
;; Got answer:<br>
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id:
19922<br>
;; flags: qr rd ra; QUERY: 1, ANSWER: 6, AUTHORITY: 2, ADDITIONAL:
4<br>
<br>
However, when I query the same server from my client's firewall
which is connected to Bigpond ADSL, it fails:<br>
<br>
t# dig @203.50.2.71 xxxxx.net any<br>
<br>
; <<>> DiG 9.5.1-P2 <<>> @203.50.2.71
xxxxx.net any<br>
; (1 server found)<br>
;; global options: printcmd<br>
;; Got answer:<br>
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id:
40361<br>
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL:
0<br>
<br>
I've never seen this sort of weirdness before. DNS seemed so much
easier when Robert Elz was running the show :).<br>
<br>
Gary<br>
<br>
<br>
<br>
<div class="moz-signature">
<meta http-equiv="Content-Type" content="text/html;
charset=ISO-8859-1">
<title>Untitled Document</title>
On 28/10/2012 1:12 PM, Heinz N wrote:<br>
</div>
</div>
<blockquote
cite="mid:alpine.LNX.2.00.1210281255220.24054@servex.equisoft.com.au"
type="cite">
<blockquote type="cite">Am I right in thinking it is probably that
the domain had a long expire time? The refresh was set to 86400,
but it seems like it is being ignored or it doesn't figure in
how long DNS servers will wait before refreshing the domain.
<br>
</blockquote>
<br>
A few years ago I hade a similar problem when redelegating domains
where telstra was the secondary. I had a too long refresh time and
it seemed that their DNS only updated according to the longest
number: refresh or retry (this is just my opinion). Everyone
else's DNSs queried my authorative host and got the redelegations
but the secondary (telstra) didn't for quite some time. This
problem was my fault and now I have everything set at 1hr (except
expire which is set much longer).
<br>
<br>
I resorted to adding new host A records into those domains and
doing a dig @nsX.telstra.XXXX on those host.domain in order to
force their DNS to re-query the zone records. This didn't trigger
a zone transfer unfortunately, but the new hosts did then appear.
I used them until the full zone transfer finally happened. (This
is a bit difficult if your "www" A record is the one not
updating).
<br>
<br>
PS. Don't forget to update your Zone record serial number. You
might even try increasing it in order to try to trigger a full
refresh.
<br>
<br>
Regards,
<br>
Heinz N.
<br>
<br>
_______________________________________________
<br>
AusNOG mailing list
<br>
<a class="moz-txt-link-abbreviated" href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a>
<br>
<a class="moz-txt-link-freetext" href="http://lists.ausnog.net/mailman/listinfo/ausnog">http://lists.ausnog.net/mailman/listinfo/ausnog</a>
<br>
<br>
</blockquote>
<br>
</body>
</html>