secondary DNS giving out wrong IP address?

L

LPummer

New Member
I've been using zoneedit's free secondary DNS for a while. Recently I switched static IPs. The old line has been shut down but ZoneEdit wasn't updated to point to the new primary DNS server yet. I found that zoneedit is giving out an IP belonging to voodoo.com in place of an error or the right IP address.

Is this intentional? Has someone hijacked secondary for my domain because ZoneEdit didn't know the right primary to contact?

I did an nslookup on my old DNS server IP and it does not return an answer for the record I am looking up

Wrong:
$ dig @dns1.zoneedit.com new.toy3.chip-web.com A

; <<>> DiG 9.9.5 <<>> @dns1.zoneedit.com new.toy3.chip-web.com A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13376
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;new.toy3.chip-web.com. IN A

;; ANSWER SECTION:
new.toy3.chip-web.com. 3600 IN A 192.64.147.142

;; Query time: 121 msec
;; SERVER: 162.220.33.236#53(162.220.33.236)
;; WHEN: Mon Sep 05 18:34:31 PDT 2016
;; MSG SIZE rcvd: 66

Right:
$ dig @chip-web.com new.toy3.chip-web.com A

; <<>> DiG 9.9.5 <<>> @chip-web.com new.toy3.chip-web.com A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59522
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 3
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;new.toy3.chip-web.com. IN A

;; ANSWER SECTION:
new.toy3.chip-web.com. 43200 IN A 45.16.99.225

;; AUTHORITY SECTION:
chip-web.com. 43200 IN NS chip-web.com.
chip-web.com. 43200 IN NS dns2.zoneedit.com.
chip-web.com. 43200 IN NS inet.pcscons.com.
chip-web.com. 43200 IN NS dns1.zoneedit.com.

;; ADDITIONAL SECTION:
inet.pcscons.com. 43200 IN A 45.16.99.226
chip-web.com. 43200 IN A 45.16.99.225

;; Query time: 37 msec
;; SERVER: 45.16.99.225#53(45.16.99.225)
;; WHEN: Mon Sep 05 18:34:36 PDT 2016
;; MSG SIZE rcvd: 186
 
Hi,

This is resolving correctly now:

dig @dns1.zoneedit.com new.toy3.chip-web.com A

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> @dns1.zoneedit.com new.toy3.chip-web.com A
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51347
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;new.toy3.chip-web.com. IN A

;; ANSWER SECTION:
new.toy3.chip-web.com. 43200 IN A 45.16.99.225

;; Query time: 196 msec
;; SERVER: 162.220.33.236#53(162.220.33.236)
;; WHEN: Tue Sep 6 13:13:20 2016
;; MSG SIZE rcvd: 55

We have the same serial as your primary:

dig +short @dns1.zoneedit.com chip-web.com SOA
inet.chip-web.com. ludwigp.gmail.com. 2016072601 21600 10800 604800 43200

dig +short @45.16.99.226 chip-web.com SOA
inet.chip-web.com. ludwigp.gmail.com. 2016072601 21600 10800 604800 43200
 
Yes, it's working now, probably because I updated the primary DNS server's IP in my zoneedit control panel to be the current one.

I'm concerned about the behavior when my primary DNS was unavailable. I would hope that the secondary responds with an error, not an IP address for some "domain parking" company.
 
You must log in or register to reply here.
Back
Top