
Re: Mailing list problem



Hi Brian,

Thank you for pointing out the problem; it's been fixed now.  I've removed
computerpoint.co.ug (actually this is not our server, I suppose it was not
set up correctly) in addition to the other non-functional ones.

The nameservers for uol.co.ug are now:

wawa.eahd.or.ug         216.129.132.164
ip.cfi.co.ug            212.88.97.141
spice.eahd.or.ug        216.250.215.44

Where wawa.eahd.or.ug is authoritative.  These changes should take effect
very soon depending on when the caches on other nameservers expire.
However, the root UG nameserver (web.eahd.or.ug) and the other 3 now give
the correct records.

Cheers,
Gerald.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Begumisa Gerald M.
Programmer / Systems Administrator
Computer Frontiers International
Plot 32 Lumumba Avenue, Kampala
Tel: 256 41 340417
Fax: 256 41 340456
Web: www.cfi.co.ug


On Tue, 3 Dec 2002, Brian Candler wrote:

> On Tue, Dec 03, 2002 at 10:22:13AM -0000, KONE wrote:
> > Hello !
> > I am subscribing to afnog mailing list. The problem is the following
> > when I post a mail, it isn't transmitted to the mailing list but, I
> > receive the mail posting by mailing list users.
> > Help
>
> Did you get any bounce message in response to your posting?
> Do you have access to mailserver logs on the machine which sent the mail, or
> which relayed it?
>
> I noticed a problem with the 'afnog.org' domain yesterday, where its MX
> record pointed to a host (uol.co.ug) which did not exist.
>
> Actually, I've just investigated a bit more, and the DNS information for the
> uol.co.ug domain is inconsistent - i.e. there is a random chance it will
> work or not work, depending on which server your cache talks to.
>
> It turns out one of the nameservers (computerpoint.co.ug) is giving out
> poisoned information. This is a serious problem. The details are below for
> the uol.co.ug people to look at.
>
> Regards,
>
> Brian.
>
> ---------------------------------------------------------------------------
>
> $ dig @a.root-servers.net. ug. ns
> ;; ANSWER SECTION:
> ug.                     2D IN NS        NS.ICANN.ORG.
> ug.                     2D IN NS        WEB.EAHD.OR.ug.
> ug.                     2D IN NS        DEMON.MTN.CO.ug.
> ug.                     2D IN NS        NS.RIPE.NET.
> ug.                     2D IN NS        NS.SANYUTEL.COM.
>
> ;; ADDITIONAL SECTION:
> NS.ICANN.ORG.           2D IN A         192.0.34.126
> WEB.EAHD.OR.ug.         2D IN A         216.129.132.179
> DEMON.MTN.CO.ug.        2D IN A         212.88.97.20
> NS.RIPE.NET.            2D IN A         193.0.0.193
> NS.SANYUTEL.COM.        2D IN A         216.250.215.10
>
> Next: query these five machines for uol.co.ug. (A record)
>
> In four cases you get back a referral (fine):
> ;; AUTHORITY SECTION:
> uol.co.ug.              4H IN NS        wawa.eahd.or.ug.
> uol.co.ug.              4H IN NS        spice.eahd.or.ug.
> uol.co.ug.              4H IN NS        computerpoint.co.ug.
> uol.co.ug.              4H IN NS        sentry.bushnet.net.
> uol.co.ug.              4H IN NS        webnation.co.ug.
>
> ;; ADDITIONAL SECTION:
> wawa.eahd.or.ug.        4H IN A         216.129.132.164
> spice.eahd.or.ug.       4H IN A         216.250.215.44
>
> When you query 212.88.97.20 (DEMON.MTN.CO.ug.) you get a cached,
> non-authoritative answer - i.e. this is a lame delegation
>
> Next look for NS records within the zone:
>
> for i in 216.129.132.164 216.250.215.44 computerpoint.co.ug. \
> sentry.bushnet.net. webnation.co.ug.; do dig @$i uol.co.ug. ns; done
>
>
> The first two give:
>
> ;; ANSWER SECTION:
> uol.co.ug.              6H IN NS        sentry.bushnet.net.
> uol.co.ug.              6H IN NS        wawa.eahd.or.ug.
> uol.co.ug.              6H IN NS        spice.eahd.or.ug.
> uol.co.ug.              6H IN NS        janus.webnation.co.ug.
>
> ;; ADDITIONAL SECTION:
> wawa.eahd.or.ug.        6H IN A         216.129.132.164
> spice.eahd.or.ug.       6H IN A         216.250.215.44
>
> [This is inconsistent with the delegation. Choose whichever are the
> nameservers which are authoritative for this zone, and put the same set of
> NS records both within the zone and in the delegating zone]
>
> The third one says authoritatively that the domain does not exist:
>
> ; <<>> DiG 8.3 <<>> @computerpoint.co.ug. uol.co.ug. ns
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> ;; QUERY SECTION:
> ;;      uol.co.ug, type = NS, class = IN
>
> ;; AUTHORITY SECTION:
> .                       1H IN SOA       cpl2000.computerpoint.co.ug. admin. (
>                                         9               ; serial
>                                         15M             ; refresh
>                                         10M             ; retry
>                                         1D              ; expiry
>                                         1H )            ; minimum
>
> In fact it is claiming to be authoritative for the entire DNS! This is
> poisoning anyone who queries it.
>
> The fourth gives "SERVFAIL" and the fifth does not even exist...
>
> $ nslookup webnation.co.ug.
> *** can't find webnation.co.ug.: Non-existent host/domain
>
> So out of the three working servers, you have a 1 in 3 chance of hitting the
> extremely broken "computerpoint.co.ug" which says that uol.co.ug. does not
> exist - and therefore you won't be able to send mail to afnog at afnog.org
> until that information times out, since the MX record for afnog.org points
> at uol.co.ug
>
> $ dig @computerpoint.co.ug. uol.co.ug. a
>
> ; <<>> DiG 8.3 <<>> @computerpoint.co.ug. uol.co.ug. a
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> ;; QUERY SECTION:
> ;;      uol.co.ug, type = A, class = IN
>
> ;; AUTHORITY SECTION:
> .                       1H IN SOA       cpl2000.computerpoint.co.ug. admin. (
>                                         9               ; serial
>                                         15M             ; refresh
>                                         10M             ; retry
>                                         1D              ; expiry
>                                         1H )            ; minimum
>
>
> ;; Total query time: 3731 msec
> ;; FROM: bloodhound.uk.tiscali.com to SERVER: computerpoint.co.ug.  195.238.52.191
> ;; WHEN: Tue Dec  3 11:01:38 2002
> ;; MSG SIZE  sent: 27  rcvd: 94
>
> Querying "janus.webnation.co.ug" also gives a cached response, so this is
> also lame.
>
> In all, only two servers are working: wawa and spice.
>
> So what you need to do is decide whether or not to fix the others, and then
> set both the delegation and the zone NS records to point to the working
> servers. Most important of all is to remove the delegation to
> "computerpoint.co.ug" since it is giving wrong authoritative answers.
>
>
> -----
> This is the afnog mailing list, managed by Majordomo 1.94.5
>
> To send a message to this list, e-mail afnog at afnog.org
> To send a request to majordomo, e-mail majordomo at afnog.org and put
> your request in the body of the message (i.e use "help" for help)
>
> This list is maintained by owner-afnog at afnog.org
>
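
An offline sketch of the per-server checks walked through in the quoted message (authoritative flag, SOA owner inside the delegated zone, parent NS set versus in-zone NS set). It is an added example, not part of the original thread; the reply texts are constructed and condensed from the quoted dig output, and the function names and verdict labels are assumptions.

```python
import re

ZONE = "uol.co.ug."
# Parent-side NS set, copied from the referral quoted in the thread.
PARENT_NS = {"wawa.eahd.or.ug.", "spice.eahd.or.ug.", "computerpoint.co.ug.",
             "sentry.bushnet.net.", "webnation.co.ug."}
HDR = ";; ->>HEADER<<- opcode: QUERY, status: %s, id: 4\n;; flags: %s; QUERY: 1\n"
# Constructed dig-style replies, condensed from the output quoted in the thread.
REPLIES = {
    "wawa.eahd.or.ug.": HDR % ("NOERROR", "qr aa rd") + (
        "uol.co.ug.  6H IN NS  sentry.bushnet.net.\n"
        "uol.co.ug.  6H IN NS  wawa.eahd.or.ug.\n"
        "uol.co.ug.  6H IN NS  spice.eahd.or.ug.\n"
        "uol.co.ug.  6H IN NS  janus.webnation.co.ug.\n"),
    "computerpoint.co.ug.": HDR % ("NXDOMAIN", "qr aa rd ra") + (
        ".  1H IN SOA  cpl2000.computerpoint.co.ug. admin. (\n"),
    "janus.webnation.co.ug.": HDR % ("NOERROR", "qr rd ra"),
    "sentry.bushnet.net.": HDR % ("SERVFAIL", "qr rd"),
}

def parse(reply):
    """Return (status, flags, NS targets, SOA owner names) from dig-style text."""
    status = re.search(r"status: (\w+)", reply).group(1)
    flags = set(re.search(r"flags: ([a-z ]+);", reply).group(1).split())
    rrs = re.findall(r"^(\S+)\s+\S+\s+IN\s+(NS|SOA)\s+(\S+)", reply, re.M)
    ns = {rdata.lower() for _, rtype, rdata in rrs if rtype == "NS"}
    soa = [owner.lower() for owner, rtype, _ in rrs if rtype == "SOA"]
    return status, flags, ns, soa

def classify(zone, reply):
    status, flags, _, soa = parse(reply)
    if status == "SERVFAIL":
        return "failed"
    if "aa" not in flags:
        return "lame"  # cached answer: the server does not hold the zone
    # An authoritative SOA must sit at or below the delegated zone, never above it.
    if any(not ("." + owner).endswith("." + zone) for owner in soa):
        return "bogus-authority"
    return "ok"

def audit(zone, parent_ns, replies):
    """Verdict per server, plus names present on only one side of the zone cut."""
    verdicts = {srv: classify(zone, r) for srv, r in replies.items()}
    child_ns = set().union(*(parse(r)[2] for s, r in replies.items()
                             if verdicts[s] == "ok"))
    return verdicts, parent_ns ^ child_ns

if __name__ == "__main__":
    print(audit(ZONE, PARENT_NS, REPLIES))
```
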






