[sf-lug] (forw) SF-LUG pages
jim
jim at well.com
Thu Jan 19 17:30:15 PST 2012
More thanks, Rick. I'll attack this within the
next few days and report progress (or its lack).
On Thu, 2012-01-19 at 17:11 -0800, Rick Moen wrote:
> Quoting jim (jim at systemateka.com):
>
> > I guess I'll have to move the sf-lug.org web
> > site to a new host and repoint the domain name.
> > The current host system is not under my control.
>
>
>
> Sorry to hear about that. It's a bit of a pain in the neck, when that
> happens.
>
> Let's see where hte autoritative DNS is:
>
> $ whois sf-lug.org | grep 'Name Server'
> Name Server:NS41.WORLDNIC.COM
> Name Server:NS42.WORLDNIC.COM
> Name Server:
> Name Server:
> Name Server:
> Name Server:
> Name Server:
> Name Server:
> Name Server:
> Name Server:
> Name Server:
> Name Server:
> Name Server:
> $
>
> POINT1: Whoever controls the LUG's domain has elected to have only two
> nameservers. This is a serious mistake. It makes your domain fragile.
> RFC recommendation is minimum 3, maximum 7 authoritative nameservers.
>
> POINT2: It's disapointing that SF-LUG has completely outsourced DNS
> and isn't even running its master nameserver. It's not difficult, and I
> can handhold you to get you going.
>
> Let's check where the master serivce is, and verify that the two servers
> are at least serving the same zonefile S/N:
>
> $ dig -t soa sf-lug.org. @NS41.WORLDNIC.COM. +short
> NS41.WORLDNIC.COM. namehost.WORLDNIC.COM. 111062022 10800 3600 604800 3600
> $ dig -t soa sf-lug.org. @NS42.WORLDNIC.COM. +short
> NS41.WORLDNIC.COM. namehost.WORLDNIC.COM. 111062022 10800 3600 604800 3600
> $
>
> Good: They are serving the same S/N (sufficient proof that they're
> providing the same version of the data), and the master copy's claimed
> to be the one at NS41.WORLDNIC.COM.
>
>
> POINT3: Contact names/mailboxes in sf-lug.org's public domain records
> are a total train wreck -- completely broken.
>
> The public 'whois' records are the official method for reaching domain
> officials and owners, e.g., to say 'Dude, your DNS is broken' or many
> other things -- including warning notices about upcoming domain
> expirations. The sf-lug.org domain is (wisely) registered out to the
> middle of next year, so it's not going to expire soon, but it's a very
> bad idea for lots of other reasons to have your public contact
> information be broken.
>
> Public points of contact are: Registrant, Admin Contact, Technical
> Contact. SF-LUG's domain data _fail_ to specify a named person for any
> of those roles, and (worse) shows 'no.valid.email at worldnic.com' as the
> contact mailbox for all three roles.
>
> These are serious problems.
>
>
>
> FYI, I continue to offer SF-LUG and similar groups slave (secondary) DNS
> nameservice at two highly reliable nameservers over which I have
> administrative control:
>
> NS1.LINUXMAFIA.COM IP address 198.144.195.186
> NS1.SVLUG.ORG IP address 64.62.190.98
>
> Groups wishing to take up that offer should make sure my IPs are
> permitted to do AXFR/IXFR zone transfer requests of your zone(s), then
> tell me you'd like me to do slave nameservice (and for what zones,
> served by what master nameserver IPs). I will let you know when that's
> set up and tested, and you _then_ add my nameservers to the
> authoritative list in your domain, plus add 'NS' lines pointing to them
> in your zonefile. (Don't try to do the above in a different order, or
> you may break your DNS and waste your time.)
>
>
>
> _______________________________________________
> sf-lug mailing list
> sf-lug at linuxmafia.com
> http://linuxmafia.com/mailman/listinfo/sf-lug
> Information about SF-LUG is at http://www.sf-lug.org/
More information about the sf-lug
mailing list