Re: [users] Report Errors from dnsreport.com

[Andreas Pelme]

Jeff Montgomey wrote:
> Thanks for all the help. Is there are way to fix the serial numbers to
> be in that date format?

I was suffering from the same problem. In my case this was not just a
warning. In fact the swedish (.se) name servers would not even accept my
name servers when they did not reply the same soa-serials.

I wrote a small patch, put it on my website and mailed it to Bill. I
should have posted it on the list too, but I forgott.

You can find the patch and instructions here:
http://pelme.se/~andreas/code/vegadns-soa-update

I guess it is not a good idea to put this in 0.9.x because the database
has to be altered. I would really like to see this behaviour by default
in 1.x. If you are interested, I can write patches for it.

I hope it helps you out.

-- 
Andreas Pelme <[EMAIL PROTECTED]>
+46(0)704773720


signature.asc
Description: Digital signature

Re: [users] Report Errors from dnsreport.com

[Bill Shupp]

Jeff Montgomey wrote:

Thanks for all the help.  Is there are way to fix the serial numbers to 
be in that date format?


First off, it's just a recommendation, NOT a requirement:

WARNING: Your SOA serial number is: 1125625761. That is OK, but the 
recommended format (per RFC1912 2.2) is MMDDnn, where 'nn' is the 
revision.


You can ignore it.  However, while VegaDNS does not support custom 
serial numbers, the SOA (Z) line format does.  From 
http://cr.yp.to/djbdns/tinydns-data.html:



Zfqdn:mname:rname:ser:ref:ret:exp:min:ttl:timestamp:lo

SOA record for fqdn showing mname as the primary name server, rname 
(with the first . converted to @) as the contact address, ser as the 
serial number, ref as the refresh time, ret as the retry time, exp as 
the expire time, and min as the minimum time. ser, ref, ret, exp, and 
min may be omitted; they default to, respectively, the modification time 
of the data file, 16384 seconds, 2048 seconds, 1048576 seconds, and 2560 
seconds.



Regards,

Bill

Re: [users] Report Errors from dnsreport.com

[Jeff Montgomey]

Bill Shupp wrote:


Jeff Montgomey wrote:


Probably help if I include my records:

#cpsi-mis.com
+mail.cpsi-mis.com:68.17.65.212:3600
+ns-atl-b.cpsi-mis.com:68.17.65.220:3600
@cpsi-mis.com::mail.cpsi-mis.com:0:3600
&cpsi-mis.com::ns-atl-b:3600
Zcpsi-mis.com:68.17.65.220:domainadmin.cpsi-mis.com::16384:2048:1048576:2560:86400 




You're missing an a record for ns-mob-b.cpsinet.com.  Try adding:

+ns-mob-b.cpsi-mis.com:70.158.1.69:3600

Regards,

Bill

Thanks for all the help.  Is there are way to fix the serial numbers to 
be in that date format?

Re: [users] Report Errors from dnsreport.com

[Bill Shupp]

Jeff Montgomey wrote:


Probably help if I include my records:

#cpsi-mis.com
+mail.cpsi-mis.com:68.17.65.212:3600
+ns-atl-b.cpsi-mis.com:68.17.65.220:3600
@cpsi-mis.com::mail.cpsi-mis.com:0:3600
&cpsi-mis.com::ns-atl-b:3600
Zcpsi-mis.com:68.17.65.220:domainadmin.cpsi-mis.com::16384:2048:1048576:2560:86400 


You're missing an a record for ns-mob-b.cpsinet.com.  Try adding:

+ns-mob-b.cpsi-mis.com:70.158.1.69:3600

Regards,

Bill

Re: [users] Report Errors from dnsreport.com

[Jeff Montgomey]

Bill Shupp wrote:


Jeff Montgomey wrote:


I am running a report from dnsreports.com for my domain cpsi-mis.com

I am getting a couple of fails that I need to work out. *Fail

Missing (stealth) nameservers

*

I think this might be the problem:  I am not getting the ns entry 
with vegasdns (or maybe I don't understand dns fully) My DNS server 
is ns-atl-b.cpsinet.com but I cannot enter that as a NS record.  I 
will enter in as ns-atl-b.cpsinet.com.cpsi-mis.com.  How can this be 
resolved?


The next error is
*Stealth NS record leakage
*

What is this and how can I plug the leak?


I am also getting a warn about this:
WARNING: Your SOA (Start of Authority) record states that your 
*master* (primary) name server is: *68.17.65.220.*. However, that 
server is not listed at the parent servers as one of your NS records! 
This is probably legal, but you should be sure that you know what you 
are doing.


and this:

WARNING: Your SOA serial number is: *1134711922*. That is OK, but the 
recommended format (per RFC1912 
 2.2) is MMDDnn, where 
'nn' is the revision. For example, if you are making the 3rd change 
on 02 May 2000, you would use 250203. This number *must* be 
incremented every time you make a DNS change.


Your SOA serial appears to be the number of seconds since midnight 01 
Jan 1970 when the last DNS change was made (tinydns format). That 
works out to be *Fri Dec 16 00:45:22 2005 * GMT.


Thaks for the help in clearing these up.  Great product by the way.



Make sure you have A records for the name servers.  That will 
definitely cause problems if you don't.


Regards,

Bill


Probably help if I include my records:

#cpsi-mis.com
+mail.cpsi-mis.com:68.17.65.212:3600
+ns-atl-b.cpsi-mis.com:68.17.65.220:3600
@cpsi-mis.com::mail.cpsi-mis.com:0:3600
&cpsi-mis.com::ns-atl-b:3600
Zcpsi-mis.com:68.17.65.220:domainadmin.cpsi-mis.com::16384:2048:1048576:2560:86400

Re: [users] Report Errors from dnsreport.com

[Bill Shupp]

Jeff Montgomey wrote:

I am running a report from dnsreports.com for my domain cpsi-mis.com

I am getting a couple of fails that I need to work out. *Fail

Missing (stealth) nameservers

*

I think this might be the problem:  I am not getting the ns entry with 
vegasdns (or maybe I don't understand dns fully) My DNS server is 
ns-atl-b.cpsinet.com but I cannot enter that as a NS record.  I will 
enter in as ns-atl-b.cpsinet.com.cpsi-mis.com.  How can this be resolved?


The next error is
*Stealth NS record leakage
*

What is this and how can I plug the leak?


I am also getting a warn about this:
WARNING: Your SOA (Start of Authority) record states that your *master* 
(primary) name server is: *68.17.65.220.*. However, that server is not 
listed at the parent servers as one of your NS records! This is probably 
legal, but you should be sure that you know what you are doing.


and this:

WARNING: Your SOA serial number is: *1134711922*. That is OK, but the 
recommended format (per RFC1912 
 2.2) is MMDDnn, where 
'nn' is the revision. For example, if you are making the 3rd change on 
02 May 2000, you would use 250203. This number *must* be incremented 
every time you make a DNS change.


Your SOA serial appears to be the number of seconds since midnight 01 
Jan 1970 when the last DNS change was made (tinydns format). That works 
out to be *Fri Dec 16 00:45:22 2005 * GMT.


Thaks for the help in clearing these up.  Great product by the way.


Make sure you have A records for the name servers.  That will definitely 
cause problems if you don't.


Regards,

Bill

[users] Report Errors from dnsreport.com

[Jeff Montgomey]

I am running a report from dnsreports.com for my domain cpsi-mis.com

I am getting a couple of fails that I need to work out. 
*Fail


Missing (stealth) nameservers

*

I think this might be the problem:  I am not getting the ns entry with 
vegasdns (or maybe I don't understand dns fully) My DNS server is 
ns-atl-b.cpsinet.com but I cannot enter that as a NS record.  I will 
enter in as ns-atl-b.cpsinet.com.cpsi-mis.com.  How can this be resolved?


The next error is
*Stealth NS record leakage
*

What is this and how can I plug the leak?


I am also getting a warn about this:
WARNING: Your SOA (Start of Authority) record states that your *master* 
(primary) name server is: *68.17.65.220.*. However, that server is not 
listed at the parent servers as one of your NS records! This is probably 
legal, but you should be sure that you know what you are doing.


and this:

WARNING: Your SOA serial number is: *1134711922*. That is OK, but the 
recommended format (per RFC1912 
 2.2) is MMDDnn, where 
'nn' is the revision. For example, if you are making the 3rd change on 
02 May 2000, you would use 250203. This number *must* be incremented 
every time you make a DNS change.


Your SOA serial appears to be the number of seconds since midnight 01 
Jan 1970 when the last DNS change was made (tinydns format). That works 
out to be *Fri Dec 16 00:45:22 2005 * GMT.


Thaks for the help in clearing these up.  Great product by the way.