North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

OT: netsol and host records.

  • From: Marc MERLIN
  • Date: Wed Jan 31 18:09:07 2001

I've really tried, but I'm giving up. I know this is only vaguely related to
routers, but  since I couldn't find  anyone at netsol who  understands their
own system,  I'm hoping that someone  here has a better  idea (through trial
and error)

So, I had a host, www.svlug.org which  sat on one net (209.81.8.0) and as we
migrated to  a portable  netblock, it  migrated to  198.186.203.43. To avoid
disruption of service, we had the two nets configured on our router, and the
machine had both IPs.
We updated DNS  to switch everything to the 198.186.203.x  IPs, all was nice
and dandy.

Later (1  year later), we move  locations to a place  where 209.81.8.0 isn't
routed anymore, bring the host back up, everything looks cool.
However  people start  complaining that  they can't  reach www.svlug.org. We
find out that it still resolves to 209.81.8.243 (the old IP) for some folks.

After a lot of searching, we realize that netsol is still feeding the old IP
to  the root  name servers  who answer  the query  before the  resolvers are
refered to our name servers.
End up finding this:
http://www.networksolutions.com/cgi-bin/whois/whois;?STRING=host+WWW7974-HST&STRING=Search

It's now been  a month and a half  that I've been trying to get  rid of that
stupid www.svlug.org host record

Of course, we  never created that host record, it  was created when svcs.net
and  svcs.org (domains  owned by  someone else)  were as  they unfortunately
specified www.svlug.org as  a name server (something I only  found out about
way later  because there  is no  way to  know who's  using your  host record
unless someone really high up at netsol looks that up for you).

So, after moving svlug.org away from  netsol (to opensrs), and noticing they
were still feeding www.svlug.org to the  root name servers, I called them up
several times,  having to dodge the  clueless level 1 people  who don't know
what a host record  is or told me it was not their  problem since they don't
serve svlug.org.
(I've stopped  using their mail  system, I find it  much easier to  yank the
domain away from them  and move it to a registrar who  actually knows how to
write a couple of CGI scripts and set up an https server)

Eventually,  they  tell  me  about svcs.net  which  was  very  unfortunately
registered with www.svlug.org as a  name server (instead of ns.svlug.org), I
move that over to opensrs (with the help  of the owner who clicks on the URL
that opensrs  sends you to confirm  the domain move), fix  the name servers,
and it still doesn't work.
The owner mentions to me that there is an svcs.org too (they could have told
me, but no...), so wash, rince, and repeat...
Both domains are moved, name servers are fixed, wait a few days.
(so far  so good,  nothing in  this process involves  sending mail  to their
stupid mail system which  never works when I use it  anyway, besides I don't
get the  answers because  after 10  years+, they  still haven't  fixed their
script to add a 'To:' field in the Email they send)

A week later,  they're still feeding the  bad data to the  root name server.
Call them up 3 times, waste time  to go through the clueless level 1 people,
get level 2  folks who kind of  understand the problem but who  are now "not
habilitated to do a reverse lookup on a host record" to see if any domain is
still using the bad host record.
I insist, ask for a supervisor, ask  for someone who can do the damn lookup,
but no, no one is available.
- Why don't you send a host delete request?
- Well, if a domain is pointing to it, it won't work now, will it?
- Err yeah.
- And you can't tell me what is pointing to it if anything.
- Err no.

"Send us letterhead"
Yeah, as soon as I go to kinkos and make SVLUG letterhead, I'll do that.

"I'll send you the forms you need to fax"
I never  get them  because she  misspelled my  Email address  and apparently
never  got/saw the  bounce from  my mail  server and  insisted that  it went
through.

Call again,  get escalated  again as  soon as  I confused  the level  1 tech
enough.

Ok, this guy can actually confirm that nothing is pointing to www.svlug.org.
(never mind that no one was there to do that 10mn ago when I called)

- But then why are you still feeding the bad IP to the root name servers?
- Because it's our database
- Grrrmm. Ok, look at this:
  http://www.networksolutions.com/cgi-bin/whois/whois;?STRING=host+ns2.merlins.org
  Notice the bad IP? Well, it stopped mattering the day I moved my domain to
  opensrs. If you have no domains pointing to a host record, you stop
  feeding that host record to the root name servers, as you should.
  Are you sure nothing whatsoever is pointing to it anymore?
- Yes.
- Ok, then why are you still feeding it to the root name servers
- Because it's in our databasse
- And why don't you do it for ns2.merlins.org?
- Errr.... Hold on.
  (wait)
  That's because the hostname is 'www'
- Let me get this straight. You're telling me that you continue to feed an
  orphaned host name record because it has 'www' in its name?
- Yes
- Aaaarrrrgggghhh! (eating desk)
- So what now?
- Ok, submit the deletion form by Email, get the tracking number, print this
  different form, add the tracking number on there, and fax it to us

Swell. I fill the form
(http://www.networksolutions.com/en_US/makechanges/fax/hostform.html),
confirm:

"Domain Not Found!

"svlug.org" domain cannot be found in WHOIS Database. Please go back to the
previous screen and enter a valid domain name."
(of course, svlug.org was moved to opensrs)

Arggggh! I'm going to kill someone....


I printed the unconfirmed web form,  added their error message and faxed all
that to two of their fax numbers (with picture ID).

Their  cluelessness  allows   for  very  nice  denial   of  service  attacks
(www.svlug.org has been unusable for 2 months now)


This is probably going to get fixed after a lot of wasted time, but I'd like
to  understand why  the hell  they're still  feeding the  www.svlug.org host
record to the root name servers (sorry,  but I didn't quite buy the "because
it has www in its name" explaination)
In this  case, the web  server isn't the most  important thing in  the world
(and  svlug.org resolves  right), but  understanding what's  happening would
help if one day the same happens to an revenue generating web server.

Thanks,
Marc
-- 
Microsoft is to operating systems & security ....
                                      .... what McDonalds is to gourmet cooking
  
Home page: http://marc.merlins.org/   |   Finger [email protected] for PGP key