All of a sudden domains not resolving

Rage9

Rage9

Banned
Jan 7, 2008
6,061
101
0
All of a sudden none of my domains resolve on my server. According to intodns.com they aren't returning 'any A records'.

This just happened out of the blue about a day or so ago. Everything was working fine up until then. I haven't made any chances to the system when it went down.

It's CentOS running DirectAdmin system. Thoughts?
 


Did you recently upgrade DA? There have been a few people on the DA forums say that their NS A records just disappeared after an upgrade. I'd bet if you looked at the DNS settings they'd be missing.
 
Domains are pointed at my own nameservers which is obviously pointed at my server. All domains are then added through directadmin which sets up the proper dns settings. It stopes working. Everything looks like is set up right and I'm not getting any errors when restarting named. It's been working fine for months so I'm stumped.
 
You would have to out at least one of your domains for us to take a look at it.
Otherwise, it's a game of what-ifs.
 
I just had the same problem. Luckily, papajohn pointed this out to me. I asked HostGator about it and got this response:

Verisign recently made changes to the way DNS works to such a point that if your domain is using private name-servers, and you do not have an A record in the zone for those name-servers, the domain will be unresolvable. This is known as a mismatched glue error.
Click to expand...
 
bcc423 said:
You would have to out at least one of your domains for us to take a look at it.
Otherwise, it's a game of what-ifs.
Click to expand...

People dont typically do that here. Out one and its like outing them all with this crowd.
 
Verisign recently made changes to the way DNS works to such a point that if your domain is using private name-servers, and you do not have an A record in the zone for those name-servers, the domain will be unresolvable. This is known as a mismatched glue error.
Click to expand...
Mismatched glue won't make it completely fail queries. Especially not if both of the ips (in glue and returned by the authoritative server) lead to functioning name servers that respond to requests for that zone.

In other words, simple inaction won't break it in the way OP described. There is something else going on.

On top of that, it would only matter if you were trying to resolve a name that's part of the same zone as that of the name server, which I doubt is the case for "all" of his domains.
 
pfgannon said:
I just had the same problem. Luckily, papajohn pointed this out to me. I asked HostGator about it and got this response:
Verisign recently made changes to the way DNS works to such a point that if your domain is using private name-servers, and you do not have an A record in the zone for those name-servers, the domain will be unresolvable. This is known as a mismatched glue error.
Click to expand...
Click to expand...

According to subigo this is what it is. Just made the proper changes so we'll have to wait and see.
 
pfgannon said:
I just had the same problem. Luckily, papajohn pointed this out to me. I asked HostGator about it and got this response:

"Verisign recently made changes to the way DNS works to such a point that if your domain is using private name-servers, and you do not have an A record in the zone for those name-servers, the domain will be unresolvable. This is known as a mismatched glue error."
Click to expand...

I can confirm that this is true. It's really strange that I can't find news of this anywhere, because it's a pretty big deal. Anyway, I had a test server without A records for the nameservers and I hadn't looked at it in months. Sure enough, none of the domains resolved. I added the A records and everything starting working within an hour.
 
Rage9 said:
According to subigo this is what it is. Just made the proper changes so we'll have to wait and see.
Click to expand...

Check some of your domains on hidemyass.com, their server has propagated with the new info already and your domains are all loading through there. Give it a few hours and it should be working for everyone.
 
In to whine about this issue. I've had this problem with about 12 sites out of a couple hundred. Different hosts, different registrars, different admin panels ... no rhyme or reason to it. Some of the domains had neighbors with the exact same setup resolved just fine. Sometimes it was geo specific (resolved here but not elsewhere).

On some of the sites the domains were fixed by the a records thing mentioned above. On some domains I just changed the DNS information and it worked just fine after resolving.

Fuck this madness.

Verisign recently made changes to the way DNS works to such a point that if your domain is using private name-servers, and you do not have an A record in the zone for those name-servers, the domain will be unresolvable. This is known as a mismatched glue error.
Click to expand...

If anyone has some reading material on ^^ I'd love to read it because if this is true, I've got a lot of work to do.
 
Big props to subigo and zensix, I would never have fucking guessed that was it. Chances are this is going to happen to lots of other people, maybe we should sticky this?
 
On this note, is there an accepted guide to configuring bulletproof DNS, ie. what is right and wrong for glue records, etc. for maximum reliability?
 
good to heat you guys sorted the problem out
I checked 10 random domains, different hosting plans, different registrars and all of them are resolving...

do we need to check all of our domains ? or can we refine this to a particular tld, registrar, control panel, whatever ?
 
You must log in or register to reply here.
Top Bottom