Pages

Thursday, August 25, 2011

How to fix the DNS Error

How to fix the DNS Errors

Domain Name System is the one of the most important in the internet.This is the brain of the internet and websites.The hosting providers know about the DNS errors and warning and how to fix this.The simple practice with the intodns online tool.This is the powerful  DNS checking tool.

What is in the DNS? See the below table;


RecordsDescrition
A host address (Pointing)
CNAMEidentifies the canonical name
HINFOidentifies the CPU and OS used by a host
MX identifies a mail exchange for the domain.
NSthe authoritative name server for the domain
PTRa pointer to another part of the domain name space
SOA identifies the start of a zone of authority
classwhich is an encoded 16 bit value which identifies a protocol family or instance of a protocol.
IN the Internet system
CH the Chaos system
TTL which is the time to live of the RR. This field is a 32
bit integer in units of seconds, an is primarily used by
resolvers when they cache RRs. The TTL describes how
long a RR can be cached before it should be discarded.

Best Practice with intodns tool

1.Domain NS records
  • Nameserver records returned by the parent servers

2.TLD Parent Check
  • the parent server that interrogated, has information for TLD. This is a good thing as there are some other domain extensions like "co.us" for example that are missing a direct check.

3.Nameservers list
  • This is a must if you want to be found as anyone that does not know your DNS servers will first ask the parent nameservers.

4.DNS Parent sent Glue
  • The parent nameserver sent GLUE, meaning he sent the nameservers as well as the IPs of your nameservers. Glue records are A records that are associated with NS records to provide "bootstrapping" information to the nameserver.(see RFC 1912 section 2.3)

5.Nameservers A records
  • Every nameserver listed has A records. This is a must.

6.NS records from your nameservers
  • NS records got the nameservers listed at the parent NS

7.Recursive Queries
  • nameservers (the ones reported by the parent server) do not report that they allow recursive queries for anyone.

8.Same Glue
  • The A records (the GLUE) got from the parent zone check are the same as the ones got from your nameservers.

9.Glue for NS records
  • nameservers for the NS records,also returned the A records for the NS records. This is a good thing as it will spare an extra A lookup needed to find those A records.

10.Mismatched NS records
  • The NS records at all nameservers are identical.

11.DNS servers responded
  • All nameservers listed at the parent server responded.

12.Name of nameservers are valid
  • All of the NS records that your nameservers report seem valid.

13.Multiple Nameservers
  • multiple nameservers. According to RFC2182 section 5.must have at least 3 nameservers, and no more than 7. Having 2 nameservers is also ok.

14.Nameservers are lame
  • All the nameservers listed at the parent servers answer authoritatively for domain.

15.Missing nameservers reported by parent
  • All NS records are the same at the parent and at nameservers.

16.Missing nameservers reported by your nameservers
  • All nameservers returned by the parent server f.gtld-servers.net are the same as the ones reported by the nameservers.

17.Domain CNAMEs
  • RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present.

18.NSs CNAME check
  • RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present.

19.Different subnets
  • Looks like you have nameservers on different subnets!

20.IPs of nameservers are public
  • Looks like the IP addresses of the nameservers are public. This is a good thing because it will prevent DNS delays and other problems like

21.DNS servers allow TCP connection
  • DNS servers allow TCP connections. This is a good thing and useful even if UDP connections are used by default.

22.Different autonomous systems
  • It seems safe from a single point of failure.Must be careful about this and try to have nameservers on different locations as it can prevent a lot of problems if one nameserver goes down.

23.Stealth NS records sent
  • stealth ns records

24.SOA record
  • The SOA record is:
  • Primary nameserver: ns1.xxxx.com
  • Hostmaster E-mail address: dns-xxxx.com
  • Serial #: 1460334
  • Refresh: 7200
  • Retry: 1800
  • Expire: 1209600 2 weeks
  • Default TTL: 300
25.NSs have same SOA serial
  • nameservers agree that your SOA serial number is 1460334.

26.SOA MNAME entry
  • ns1.xxxx.com That server is listed at the parent servers.

27.SOA Serial
  • The recommended format (per RFC1912 2.2) is YYYYMMDDnn, where 'nn' is the revision.SOA serial appears to be the number of seconds since midnight 00 Jan 0000 when the last DNS change was made. That seems to be 0000/0/00 00:00:00

28.SOA REFRESH
  • SOA REFRESH interval is: 7200. That is OK

29.SOA RETRY
  • SOA RETRY value is: 1800. Looks ok

30.SOA EXPIRE
  • SOA EXPIRE number is: 1209600.Looks ok

31.SOA MINIMUM TTL
  • SOA MINIMUM TTL is: 300. This value was used to serve as a default TTL for records without a given TTL value and now is used for negative caching (indicates how long a resolver may cache the negative answer). RFC2308 recommends a value of 1-3 hours. value 300 is OK.

32.MX Records

  • MX records that were reported by the nameservers.

33.Different MX records at nameservers
  • Looks like all nameservers have the same set of MX records. This tests to see if there are any MX records not reported by all the nameservers and also MX records that have the same hostname but different IPs.

34.MX name validity

35.MX IPs are public
  • OK. All the MX records appear to use public IPs.

36.MX CNAME Check

37.MX A request returns CNAME
  • CNAMEs returned for A records lookups.OK.

38.MX is not IP
  • MX records are host names.OK.

39.Number of MX records
  • multiple MX records at all the nameservers. This is a good thing and will help in preventing loss of mail.

40.Mismatched MX A
  • Not detect differing IPs for the MX records.Ok.

41.Duplicate MX A records
  • not found duplicate IP(s) for the MX records. This is a good thing.

42.Reverse MX A records (PTR)
  • have reverse (PTR) records for all the IPs, that is a good thing.

43.WWW A Record
[Looks like CNAME's]

44.IPs are public
  • WWW IPs appear to be public IPs. OK.

45.WWW CNAME
  • CNAME record for www.xxxx.com.CNAME entry also returns the A record for the CNAME entry, which is good.

Thanks  

0 comments:

Post a Comment

godaddy