#1

    DNS Multiple Server Same Domain Configuration Conflicting


    Hey All,

    I've got multiple servers sharing a domain, and some of the DNS settings seem to be conflicting. Granted, I haven't waited a full 24 hours, so the effects may be due to my ISP. However, this problem does not exist on my other home connection which is powered by Comcast. I've tried multiple proxies, and they all can load my site from the correct server just fine. On my connection, server 2 is loaded rather than server 1 when going to testdomain.com, which is set to use dns3.testdomain.com and dns4.testdomain.com as its name servers. I've had others try accessing testdomain.com, and it loads the correct page for them. I can't get it to work on my home connection though.

    Here are my DNS servers for each server. Do you see anything that could cause a conflict? The main server is dns3.testdomain.com while the other sub servers are named by location. Maybe my home ISP (Century Link), is just bad?


    Server 1 - dns3.testdomain.com:


    Code:
    
    $TTL    60
    @       IN      SOA     dns3.testdomain.com. {dnsemail} (
                            {serial}     ; Serial, this is www.ehcp.net dns zone template file.. 
                            1300   ; Refresh
                            180     ; Retry
                            84000  ; Expire
                            60 ) ; Minimum
    
    testdomain.com.           IN NS   dns.testdomain.com.
    testdomain.com.           IN NS   dns1.testdomain.com.
    testdomain.com.           IN NS   dns2.testdomain.com.
    testdomain.com.           IN NS   dns3.testdomain.com.
    testdomain.com.           IN NS   dns4.testdomain.com.
    testdomain.com.           IN NS   dns5.testdomain.com.
    testdomain.com.           IN NS   chicago.testdomain.com.
    testdomain.com.           IN NS   chicago1.testdomain.com.
    testdomain.com.           IN NS   chicago2.testdomain.com.
    testdomain.com.           IN NS   dallas.testdomain.com.
    testdomain.com.           IN NS   dallas1.testdomain.com.
    testdomain.com.           IN NS   dallas2.testdomain.com.
    dns.testdomain.com.        IN A    {dnsip}
    dns1.testdomain.com.        IN A    219.44.107.250
    dns2.testdomain.com.        IN A    219.44.107.250
    dns3.testdomain.com.       IN A    {dnsip}
    dns4.testdomain.com.       IN A    {dnsip}
    dns5.testdomain.com.       IN A    {dnsip}
    chicago.testdomain.com.       IN A    248.94.242.194
    chicago1.testdomain.com.       IN A    248.94.242.194
    chicago2.testdomain.com.       IN A    248.94.242.194
    dallas.testdomain.com.       IN A    206.230.231.74
    dallas1.testdomain.com.       IN A    206.230.231.74
    dallas2.testdomain.com.       IN A    206.230.231.74
    testdomain.com.           IN A    {webip}
    mail.testdomain.com.      IN A    {mailip}
    smtp.testdomain.com.   IN A    {webip}
    imap.testdomain.com.   IN A    {webip}
    webmail.testdomain.com.   IN A    {webip}
    ftp.testdomain.com.       IN CNAME        testdomain.com.
    www.testdomain.com.       IN CNAME        testdomain.com.
    testdomain.com.           IN MX  10 mail.testdomain.com.
    testdomain.com.           IN TXT "v=spf1 a mx -all"
    
    {customdns}
    
    *                       IN A    {webip}

    Server 2 - dallas.testdomain.com:

    Code:
    
    $TTL    86400
    @       IN      SOA     dallas.testdomain.com. {dnsemail} (
                            {serial}     ; Serial, this is www.ehcp.net dns zone template file.. 
                            10800   ; Refresh
                            1200     ; Retry
                            86400  ; Expire
                            86400 ) ; Minimum
    
    testdomain.com.           IN NS   dallas.testdomain.com.
    testdomain.com.           IN NS   dallas1.testdomain.com.
    testdomain.com.           IN NS   dallas2.testdomain.com.
    dallas.testdomain.com.        IN A    {dnsip}
    dallas1.testdomain.com.       IN A    {dnsip}
    dallas2.testdomain.com.       IN A    {dnsip}
    ogp.dallas.testdomain.com.           IN A    {webip}
    mail.dallas.testdomain.com.      IN A    {mailip}
    smtp.dallas.testdomain.com.   IN A    {webip}
    imap.dallas.testdomain.com.   IN A    {webip}
    webmail.dallas.testdomain.com.   IN A    {webip}
    ftp.dallas.testdomain.com.       IN CNAME        dallas.testdomain.com.
    www.dallas.testdomain.com.       IN CNAME        dallas.testdomain.com.
    dallas.testdomain.com.           IN MX  10 mail.dallas.testdomain.com.
    dallas.testdomain.com.           IN TXT "v=spf1 a mx"
    
    {customdns}

    Server 3 - chicago.testdomain.com:


    Code:
    $TTL 10800
    @ IN SOA chicago.testdomain.com.    postmaster@chicago.testdomain.com. (
                           1351900842	;serial
                           21600      ;refresh after 6 hours
                           3600       ;retry after 1 hour
                           604800     ;expire after 1 week
                           86400 )    ;minimum TTL of 1 day
    chicago		86400		IN		A		248.94.242.194
    chicago1		86400		IN		A		248.94.242.194
    chicago2		86400		IN		A		248.94.242.194
    mail		86400		IN		A		248.94.242.194
    @		86400		IN		MX		10	mail.chicago.testdomain.com.
    @		172800		IN		NS		chicago.testdomain.com.
    @		172800		IN		NS		chicago1.testdomain.com.
    @		172800		IN		NS		chicago2.testdomain.com.
  2. #2
    Are you running the testdomain.com website on the same connection you are on? If so, you need to use the internal IP, not the external. Most routers are going to have address translation weirdness if it is trying to route internal packets through the external interface. You can use something like dig/nslookup and check the DNS results to see if they are correct or not as well. That will at least rule out a DNS problem or prove it is a DNS problem. Also, you have a lot of name servers listed. Some look to have the same IP address, just a different hostname. You get no useful redundancy having multiple NS records hosted on the same IP. You may need it for whatever, but thought I'd point it out.
  4. #3
    Originally Posted by CaptPikel
    Are you running the testdomain.com website on the same connection you are on? If so, you need to use the internal IP, not the external. Most routers are going to have address translation weirdness if it is trying to route internal packets through the external interface. You can use something like dig/nslookup and check the DNS results to see if they are correct or not as well. That will at least rule out a DNS problem or prove it is a DNS problem. Also, you have a lot of name servers listed. Some look to have the same IP address, just a different hostname. You get no useful redundancy having multiple NS records hosted on the same IP. You may need it for whatever, but thought I'd point it out.
    I'm not running testdomain.com on the same connection I use. When I try to resolve testdomain.com, it says it can't find the host at all. However, this changes randomly. For example, on the same connection I was having problems with, everything seems to work properly right now, as testdomain.com is loaded. Other than the multiple nameservers using the same IP, do you see any other potential conflicts, or is my ISP's DNS server at fault (seems to be the case)?
  6. #4
    Sorry, I just took a closer look at your configs. It's still morning here.


    Your configs on the different name servers need to be near identical. Just eyeballing them, they are very different looking and seem to have more/less data on some. The biggest issue I see is that only your server1 actually has an A record for testdomain.com. So if your ISP's name servers are asking server2 or server3 for testdomain.com's A record, it comes back empty with NOERROR.
  8. #5
    Originally Posted by CaptPikel
    Sorry, I just took a closer look at your configs. It's still morning here.


    Your configs on the different name servers need to be near identical. Just eyeballing them, they are very different looking and seem to have more/less data on some. The biggest issue I see is that only your server1 actually has an A record for testdomain.com. So if your ISP's name servers are asking server2 or server3 for testdomain.com's A record, it comes back empty with NOERROR.
    Shouldn't my ISP ask server 1 before attempting to resolve anything in relation to testdomain.com since it is set to use dns3.testdomain.com as its nameservers? Doesn't DNS resolve to the name server used by the domain first? I added the testdomain.com. A record to my other servers, and it doesn't seem to be conflicting anymore (working fine now). Should I add the NS records of dns3, dns4, chicago, chicago1, chicago2, dallas, dallas1, dallas2, dallas3, and their associated A records with the proper IP address for each of my servers to avoid possible other conflicts?

    Why do all of the servers' records have to be identical? I figured these other servers could have fewer records that only specifically apply to them. I'm no DNS expert.

    Please answer the above questions, and a big thanks for your help thus far!
  10. #6
    Any server in your NS records is free game to query. So that's why you need to have all the information the same between servers, or you get intermittent problems.

    This is most easily solved with a master/slave setup. The master will send NOTIFY messages to the slave and the slave will make sure the data it has matches the master's. The slave can check on its own by verifying the serial number in the SOA every refresh interval.
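
The inconsistency described in posts #4 and #6, as an added example that is not part of the original thread: a small offline check that parses each server's zone data and reports which record sets differ between the servers listed in NS. The zone snippets are constructed and trimmed, the addresses are documentation placeholders, all three files are assumed to serve testdomain.com, and the function names are hypothetical.

```python
ORIGIN = "testdomain.com."

# Constructed, trimmed zone data modelled on the thread. Every address is a
# documentation placeholder; all three files are assumed to serve ORIGIN.
ZONES = {
    "server1": """
        testdomain.com.      IN NS    dns3.testdomain.com.
        testdomain.com.      IN NS    dallas.testdomain.com.
        testdomain.com.      IN A     192.0.2.10   ; only server 1 has this
        www.testdomain.com.  IN CNAME testdomain.com.
    """,
    "server2": """
        testdomain.com.         IN NS dallas.testdomain.com.
        dallas.testdomain.com.  IN A  198.51.100.20
    """,
    "server3": """
        chicago  86400   IN A   203.0.113.30
        @        172800  IN NS  chicago.testdomain.com.
    """,
}

def parse_zone(text, origin=ORIGIN):
    """Parse 'owner [ttl] IN type rdata' lines into {(owner, type): {rdata}}."""
    rrsets = {}
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()      # drop ';' comments
        if len(fields) < 4 or fields[0].startswith("$"):
            continue                               # blanks, $TTL, SOA continuation lines
        owner = fields.pop(0).lower()
        if owner == "@":
            owner = origin
        elif not owner.endswith("."):
            owner = f"{owner}.{origin}"            # relative name, append the origin
        while len(fields) > 1 and (fields[0].isdigit() or fields[0].upper() == "IN"):
            fields.pop(0)                          # skip per-record TTL and class
        rtype = fields.pop(0).upper()
        rrsets.setdefault((owner, rtype), set()).add(" ".join(fields))
    return rrsets

def answers(zones, qname, qtype):
    """What each server would return; an empty list models NOERROR with no data."""
    return {s: sorted(parse_zone(z).get((qname, qtype), ())) for s, z in zones.items()}

def divergent_rrsets(zones):
    """Record sets that are not identical on every server in the zone's NS list."""
    parsed = {srv: parse_zone(z) for srv, z in zones.items()}
    keys = set().union(*parsed.values())
    return sorted(k for k in keys
                  if len({frozenset(p.get(k, ())) for p in parsed.values()}) > 1)
```

Calling `answers(ZONES, ORIGIN, "A")` shows why resolution was intermittent: a resolver that happens to ask server 2 or server 3 gets an empty answer. After a working master/slave transfer, `divergent_rrsets` should return an empty list.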
  12. #7
    Originally Posted by CaptPikel
    Any server in your NS records is free game to query. So that's why you need to have all the information the same between servers, or you get intermittent problems.

    This is most easily solved with a master/slave setup. The master will send NOTIFY messages to the slave and the slave will make sure the data it has matches the master's. The slave can check on its own by verifying the serial number in the SOA every refresh interval.
    I did not know this. Thank you very much for all the help. I ended up setting my main server to a master and setting the rest of my servers as slaves for the domain. All records were successfully transferred to the slave servers and everything is working perfectly now.

    I followed this guide in case anyone was wondering:

    http://aesptux.com/2011/11/08/configuring-bind9-master-slave-on-ubuntu/
