DNS Lesson time!

Today, I was just looking into website – ideaisp.net

This site is overall pretty interesting as it’s showing various upstream links of IDEA Cellular ISP backbone. Seems like they are just using Cable & Wireless for most of International bandwidth although IDEA ISP is not functional yet.

Anyways, this post is not about their geeky upstream peers & routing tables but how bad one can setup DNS! 🙂

Looking at DNS servers of domain name ideaisp.net
Check from whois:

   Domain Name: IDEAISP.NET
   Registrar: NET 4 INDIA LIMITED
   Whois Server: whois.net4domains.com
   Referral URL: http://www.net4.in
 Name Server: NS1.IDEAISP.NET Name Server: NS2.IDEAISP.NET
   Status: ok
   Updated Date: 24-jun-2011
   Creation Date: 06-jun-2011
   Expiration Date: 06-jun-2012

All seem pretty much normal but next, check from normal dig (which digs DNS servers):

root@server7:~# dig ideaisp.net ns
; <<>> DiG 9.7.1-P2 <<>> ideaisp.net ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26015
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;ideaisp.net.                   IN      NS
;; ANSWER SECTION:
ideaisp.net.            3317    IN      NS      isp-mum-dns1.
;; Query time: 11 msec
;; SERVER: 8.8.4.4#53(8.8.4.4)
;; WHEN: Sat Nov 26 20:48:44 2011
;; MSG SIZE  rcvd: 55

Only one nameservers and that too isp-mum-dns1. huh?!!
Since I had (very) bad day, I decided to dig further into it to keep myself busy.

Here’s the SOA zone file:

 ;; QUESTION SECTION:
 ;ideaisp.net. IN SOA
 ;; ANSWER SECTION:
 ideaisp.net. 3600 IN SOA isp-mum-dns1. hostmaster. 5 900 600 86400 3600

Again – clearly wrong nameserver in SOA too.

So how exactly website is working? What’s really wrong?

Digging further into two nameservers ns1.ideaisp.net and ns2.ideaisp.net (as shown from whois), here’s what we see:

root@server7:~# dig @ns1.ideaisp.net ideaisp.net ns

; <<>> DiG 9.7.1-P2 <<>> @ns1.ideaisp.net ideaisp.net ns
 ; (1 server found)
 ;; global options: +cmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60975
 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
 ;ideaisp.net. IN NS

;; ANSWER SECTION:
 ideaisp.net. 3600 IN NS isp-mum-dns1.

;; Query time: 127 msec
 ;; SERVER: 223.196.3.235#53(223.196.3.235)
 ;; WHEN: Sat Nov 26 20:57:29 2011
 ;; MSG SIZE rcvd: 55

root@server7:~# dig @ns2.ideaisp.net ideaisp.net ns

; <<>> DiG 9.7.1-P2 <<>> @ns2.ideaisp.net ideaisp.net ns
 ; (1 server found)
 ;; global options: +cmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20103
 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
 ;ideaisp.net. IN NS

;; ANSWER SECTION:
 ideaisp.net. 3600 IN NS isp-mum-dns1.

;; Query time: 127 msec
 ;; SERVER: 223.196.3.236#53(223.196.3.236)
 ;; WHEN: Sat Nov 26 20:57:35 2011
 ;; MSG SIZE rcvd: 55

Clearly there’s no mismatch in records on both servers.

Here’s what’s wrong:

1. Wrong nameserver – rather then isp-mum-dns1. it should be ns1.ideaisp.net
2. Missing secondary nameservers – ns2.ideaisp.net “NS record” is missing from zone delegation

***Updates***