A BIG thanks to Josh for stepping up real quickly to help keep AFMUG online.
Gotta get that 3rd DNS server OFFSITE ! Too many things on “the list” We sustained some damage, but it could have been a LOT worse. Got blessed by a last minute jog to the East keeping the Cat4 winds in the ocean where they belong Paul From: Af [mailto:af-boun...@afmug.com] On Behalf Of George Skorup Sent: Friday, October 7, 2016 2:18 PM To: af@afmug.com Subject: Re: [AFMUG] afmug.com DNS Looks like Paul got his network back online. Lets all hope he has a speedy recovery. But anyway, I don't know exactly when his network/name servers went offline, but when I started this thread last night, I was already getting NXDOMAIN. And as Eric pointed out, your NS record wasn't added to the zone, so that explains why. Your name server was definitely answering... with Paul's three NS records, which were all offline, thus brokedid. I wouldn't have a problem being a secondary for the zone either. My ns1, ns2 and ns3 machines share an anycast address. Which would be a little tricky to set up. The anycast address would be the NS record, but the zone config on the master would need also-notify statements. I know Paul isn't running BIND, so not sure if that would work. But I can't imagine afmug.com being a large zone. We're a Tucows/OpenSRS reseller too. And I have many domains using their DNS. And it's the right price... free. That might be the easier solution to this problem in the future. Or Amazon's DNS since the list is there anyway. On 10/7/2016 6:51 AM, Josh Baird wrote: I'm hosting DNS on NS1.KYWIMAX.COM<http://NS1.KYWIMAX.COM>. It looks like Paul did forget to update the NS RRSet to make my server authoritative (give him a break, he's dealing with a hurricane), but as long as I'm answering queries things should be fine for the next 9 days (when the expire SOA reaches zero). I could always flip the slave into a master zone and update the NS RRSet myself. Josh On Fri, Oct 7, 2016 at 12:41 AM, Ken Hohhof <af...@kwisp.com<mailto:af...@kwisp.com>> wrote: So a lame delegation. But if it is answering queries, maybe things won’t break? From: Af [mailto:af-boun...@afmug.com<mailto:af-boun...@afmug.com>] On Behalf Of Eric Kuhnke Sent: Thursday, October 6, 2016 11:27 PM To: af@afmug.com<mailto:af@afmug.com> Subject: Re: [AFMUG] afmug.com<http://afmug.com> DNS I am seeing ns1.kywimax.com<http://ns1.kywimax.com> as a 3rd nameserver in the whois record for afmug.com<http://afmug.com> It seems to be answering But the zone file itself was not updated to list ns1.kywimax.com<http://ns1.kywimax.com> as authoritative, so stuff will probably break. dig mail.afmug.com<http://mail.afmug.com> @ns1.kywimax.com<http://ns1.kywimax.com> ; <<>> DiG 9.10.3-P4-Ubuntu <<>> mail.afmug.com<http://mail.afmug.com> @ns1.kywimax.com<http://ns1.kywimax.com> ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17959 ;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;mail.afmug.com<http://mail.afmug.com>. IN A ;; ANSWER SECTION: mail.afmug.com<http://mail.afmug.com>. 600 IN A 54.210.210.89 ;; AUTHORITY SECTION: afmug.com<http://afmug.com>. 10800 IN NS ns0.pdmnet.com<http://ns0.pdmnet.com>. afmug.com<http://afmug.com>. 10800 IN NS ns.pdmnet.com<http://ns.pdmnet.com>. afmug.com<http://afmug.com>. 10800 IN NS ns1.pdmnet.com<http://ns1.pdmnet.com>. ;; Query time: 93 msec ;; SERVER: 100.42.32.200#53(100.42.32.200) ;; WHEN: Thu Oct 06 21:25:11 PDT 2016 ;; MSG SIZE rcvd: 119 On Thu, Oct 6, 2016 at 9:09 PM, George Skorup <geo...@cbcast.com<mailto:geo...@cbcast.com>> wrote: Looks like Paul's network is offline. Did the secondary DNS for afmug.com<http://afmug.com> get set up? Doesn't look like it. I'm still seeing ns, ns0 and ns1.pdmnet.net<http://ns1.pdmnet.net> as the name servers. And all three are obviously down. So the list is going to break once everyone's DNS caches expire.
