Poor DNS setup from Idea ISP

DNS Lesson time!

Today, I was just looking into website - ideaisp.net

This site is overall pretty interesting as it’s showing various upstream links of IDEA Cellular ISP backbone. Seems like they are just using Cable & Wireless for most of International bandwidth although IDEA ISP is not functional yet. Anyways, this post is not about their geeky upstream peers & routing tables but how bad one can setup DNS! :)

Looking at DNS servers of domain name ideaisp.net
Check from whois:

Domain Name: IDEAISP.NET
Registrar: NET 4 INDIA LIMITED
Whois Server: whois.net4domains.com
Referral URL: http://www.net4.in
Name Server: NS1.IDEAISP.NET Name Server: NS2.IDEAISP.NET
Status: ok
Updated Date: 24-jun-2011
Creation Date: 06-jun-2011
Expiration Date: 06-jun-2012

All seem pretty much normal but next, check from normal dig (which digs DNS servers):

root@server7:~# dig ideaisp.net ns
; <<>> DiG 9.7.1-P2 <<>> ideaisp.net ns
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26015
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;ideaisp.net.                   IN      NS
;; ANSWER SECTION:
ideaisp.net.            3317    IN      NS      isp-mum-dns1.
;; Query time: 11 msec
;; SERVER: 8.8.4.4#53(8.8.4.4)
;; WHEN: Sat Nov 26 20:48:44 2011
;; MSG SIZE  rcvd: 55

Only one nameservers and that too isp-mum-dns1. huh?!!
Since I had (very) bad day, I decided to dig further into it to keep myself busy.

Here’s the SOA zone file:

 ;; QUESTION SECTION:
 ;ideaisp.net. IN SOA
 ;; ANSWER SECTION:
 ideaisp.net. 3600 IN SOA isp-mum-dns1. hostmaster. 5 900 600 86400 3600

Again - clearly wrong nameserver in SOA too.

So how exactly website is working? What’s really wrong?

Digging further into two nameservers ns1.ideaisp.net and ns2.ideaisp.net (as shown from whois), here’s what we see:

root@server7:~# dig @ns1.ideaisp.net ideaisp.net ns

; <<>> DiG 9.7.1-P2 <<>> @ns1.ideaisp.net ideaisp.net ns
 ; (1 server found)
 ;; global options: +cmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60975
 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
 ;ideaisp.net. IN NS

;; ANSWER SECTION:
 ideaisp.net. 3600 IN NS isp-mum-dns1.

;; Query time: 127 msec
 ;; SERVER: 223.196.3.235#53(223.196.3.235)
 ;; WHEN: Sat Nov 26 20:57:29 2011
 ;; MSG SIZE rcvd: 55
root@server7:~# dig @ns2.ideaisp.net ideaisp.net ns

; <<>> DiG 9.7.1-P2 <<>> @ns2.ideaisp.net ideaisp.net ns
 ; (1 server found)
 ;; global options: +cmd
 ;; Got answer:
 ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20103
 ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
 ;ideaisp.net. IN NS

;; ANSWER SECTION:
 ideaisp.net. 3600 IN NS isp-mum-dns1.

;; Query time: 127 msec
 ;; SERVER: 223.196.3.236#53(223.196.3.236)
 ;; WHEN: Sat Nov 26 20:57:35 2011
 ;; MSG SIZE rcvd: 55

Clearly there’s no mismatch in records on both servers.

Here’s what’s wrong:

  1. Wrong nameserver - rather then isp-mum-dns1. it should be ns1.ideaisp.net
  2. Missing secondary nameservers - ns2.ideaisp.net “NS record” is missing from zone delegation

Let’s hope someone @ IdeaCellular might read this post and considers fixing these issues.

Thanks for reading, have good day ahead!


Updates

Based on recent comment from Mr Sumit Menaria, from IDEA Cellular - this issue has been fixed.

Quick check to verify:

DNS servers at root: 

Domain Name: IDEAISP.NET  
Registrar: NET 4 INDIA LIMITED  
Whois Server: whois.net4domains.com  
Referral URL: http://www.net4.in   
Name Server: NS1.IDEAISP.NET  
Name Server: NS2.IDEAISP.NET  
Status: ok  
Updated Date: 04-may-2012  
Creation Date: 06-jun-2011  
Expiration Date: 06-jun-2012

Next, checking each of them for NS records:

anurag@laptop ~ $ dig ideaisp.net @NS1.IDEAISP.NET ns +short  
ns1.ideaisp.net.  
ns2.ideaisp.net.

anurag@laptop ~ $ dig ideaisp.net @NS2.IDEAISP.NET ns +short  
ns2.ideaisp.net.  
ns1.ideaisp.net.

Looks good. Verifying SOA and finally A record: 

anurag@laptop ~ $ dig ideaisp.net @NS1.IDEAISP.NET soa +short  
ns1.ideaisp.net. hostmaster. 8 900 600 86400 3600

anurag@laptop ~ $ dig ideaisp.net @NS2.IDEAISP.NET soa +short  
isp-mum-dns2. hostmaster. 8 900 600 86400 3600

anurag@laptop ~ $ dig ideaisp.net @NS1.IDEAISP.NET a +short  
223.196.3.234

anurag@laptop ~ $ dig ideaisp.net @NS2.IDEAISP.NET a +short  
223.196.3.234

All looks good and well. Good job Mr Sumit! :)