Re: If a site is really acting as a secondary, what should I see?

From: Men & Mice Support
Date: Monday, November 27, 2000
Time: 3:53:50 pm

At 5:48 PM -0500 11/27/00, Robert J. Woodhead (AnimEigo) wrote:
>My new ISP is supposed to be providing secondary DNS, but even with
>extensive logging on, I don't notice them doing zone transfers and
>when I DIG with -norecurse I get either just a SOA record (on one of
>their servers) or a referral to the .com roots (on the other one).
>
>So am I justified in toasting them for screwing up? I would assume
>that a -norecurse dig on the alleged secondaries ought to show the
>same thing as one on the main dns server, correct?
>
>One complication is that right now the TTL on the domains is 1 hour.

TTL doesn't affect the way a secondary server behaves. However, I
notice you've set your SOA record to the following:

animeigo.com.  3600  SOA  dns.animeigo.com. trebor.animeigo.com.
                          96100494 ; serial
                          3600     ; refresh (1 hour)
                          3600     ; retry (1 hour)
                          3600     ; expire (1 hour)
                          3600     ; minimum (1 hour)

The SOA record is the Domain Information dialog in QuickDNS Pro 2.x.
You should review the meanings of these fields before making changes
like this; the expire value, in particular, is going to cause
problems.
____________________________________________________________________

Refresh: Frequency at which the secondary servers should check for updates.

Retry: If a refresh fails (primary server doesn't respond), frequency
at which secondary servers should retry until they get a successful
check. Generally recommended to be shorter than Refresh, but doesn't
have to be.

Expire: Maximum length of time between successful checks. If a
secondary can't contact the primary before this runs out, it stops
serving the domain. Must be longer than Refresh, to avoid problems;
generally recommended to be at least 1 week, up to 1 month or more.

Minimum: Default TTL. Any record (including the SOA record itself)
which has no explicit TTL will get this value instead.

TTL: Cache duration. A well-behaved server will never cache a record
for longer than this value. It is free to discard a record from cache
before the time limit, though. Unfortunately, there are resolvers
that ignore this value (and some are high-profile).

Note that all these values are in seconds. Also note that a secondary
server won't use new values (if you change them) until it next
updates its copy of the domain, at a time interval dependent on the
old Refresh and Retry values.
____________________________________________________________________

What you should see in the dig results is that the response is marked
as authoritative. As I recall, that's the flag "aa" in the response
header - if you see it, the response is authoritative. I don't
recall, though. Also, make sure you're querying these servers for the
right record type - probably, ANY will work best. As I recall, the
default for dig is A.

I use DNS Expert's query tool, which permits you to turn recursive
querying on and off with a checkbox, and tells you in English whether
the response was authoritative.

I found that the following servers respond authoritatively for animeigo.com:

dns.animeigo.com
dns1.wilmington.net
dns2.wilmington.net

If these are your new ISP's servers, then everything looks fine from here.
____________________________________________________________________
Chris Buxton Men & Mice
cbuxton@menandmice.com We Make DNS Easy!
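
Added example (not part of the original message, and not Men & Mice code): a Python check of the SOA timers against the rules given in the field descriptions above, run on the record quoted in the message. The function names and the WEEK constant are choices made for this example.

```python
import re

WEEK = 7 * 24 * 3600  # seconds; the message recommends Expire of at least 1 week
FIELDS = ("serial", "refresh", "retry", "expire", "minimum")

# The SOA record exactly as quoted in the message above.
SAMPLE_SOA = """\
animeigo.com. 3600 SOA dns.animeigo.com.
trebor.animeigo.com.
96100494 ; serial
3600 ; refresh (1 hour)
3600 ; retry (1 hour)
3600 ; expire (1 hour)
3600 ; minimum (1 hour)
"""


def parse_soa(text):
    """Return the five numeric SOA fields from dig-style or zone-file text."""
    # Drop ';' comments and grouping parentheses, then split into tokens.
    text = re.sub(r";[^\n]*", "", text).replace("(", " ").replace(")", " ")
    tokens = text.split()
    idx = [t.upper() for t in tokens].index("SOA")  # ValueError if absent
    # After "SOA": primary server name, contact mailbox, then five integers.
    numbers = tokens[idx + 3: idx + 8]
    if len(numbers) != 5 or not all(n.isdigit() for n in numbers):
        raise ValueError("expected five integer fields after the two names")
    return dict(zip(FIELDS, map(int, numbers)))


def check_soa(soa):
    """Apply the rules stated in the message; return (severity, text) pairs."""
    findings = []
    if soa["expire"] <= soa["refresh"]:
        findings.append(("error", "expire is not longer than refresh"))
    elif soa["expire"] < WEEK:
        findings.append(("warning", "expire is shorter than one week"))
    if soa["retry"] >= soa["refresh"]:
        findings.append(("warning", "retry is not shorter than refresh"))
    return findings


if __name__ == "__main__":
    soa = parse_soa(SAMPLE_SOA)
    print(soa)
    for severity, text in check_soa(soa):
        print(f"{severity}: {text}")
```
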


