Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

WHOIS host records and ip addresses



Thanks, but that's showing me DNS data, not WHOIS data.
The problem was, I had NS records in DNS of the form

    names1.example.com      10.1.1.21
    names2.example.com      20.2.3.22
    names3.example.com      30.3.0.23

WHOIS showed my nameservers as

    names1.example.com
    names2.example.com
    names3.example.com


But when my primary went down, and the TTLs expired, the secondary
nameservers were never being queried, and lookups just failed, When
I dug through my NetSol account to look for the ip addresses, I eventually
found it had something like

    names1.example.com      10.1.1.21
    names2.example.com      80.2.3.22
    names3.example.com      30.3.0.22


The primary DNS was correct, but the other two didn't match my DNS.
One was the old address of a secondary from before they switched ISPs,
and the other was off by one in the final octet.

As I recall, the only time I got to see the ip addresses was when I went
to add additional nameservers to the account at NetSol. At no other time
were the ip addresses visible.

My conclusion was that WHOIS contains host records separate from DNS, and
that the host records don't necessarily match the corresponding DNS records.

So my questions is, How do I view the HOST records in WHOIS, not in DNS?



On Thu, Aug 12, 2010 at 12:02 PM, Matt Shields <matt-urrlRJtNKRMsHrnhXWJB8w at public.gmane.org> wrote:
> On Thu, Aug 12, 2010 at 11:36 AM, John Abreau <jabr-mNDKBlG2WHs at public.gmane.org> wrote:
>>
>> I recently suffered a DNS outage where the primary DNS server was down
>> for a weekend,
>> and the WHOIS data apparently had the wrong ip addresses. The NS records
>> in my
>> DNS server were correct, but when it was down, the host records at
>> WHOIS had ip addresses
>> that didn't match what was in DNS, and our zone disappeared until I
>> edited the WHOIS data.
>>
>> The "whois" command doesn't show the ip addresses like it used to; now
>> all it shows are
>> the domain names of the nameservers. And since they don't necessarily
>> match what's
>> in DNS, that's not acceptable.
>>
>> How can I do a WHOIS lookup that will show the ip addresses of the
>> HOST records that
>> Network Solutions maintains separate from DNS?
>>
>>
>>
>> --
>> John Abreau / Executive Director, Boston Linux & Unix
>> AIM abreauj / JABBER jabr-iMZfmuK6BGBxLiRVyXs8+g at public.gmane.org / YAHOO abreauj / SKYPE
>> zusa_it_mgr
>> Email jabr-mNDKBlG2WHs at public.gmane.org / WWW http://www.abreau.net / PGP-Key-ID 0xD5C7B5D9
>> PGP-Key-Fingerprint 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99
>> _______________________________________________
>> Discuss mailing list
>> Discuss-mNDKBlG2WHs at public.gmane.org
>> http://lists.blu.org/mailman/listinfo/discuss
>
>
> Whois will show you what you registered for your nameservers, but not the
> IPs your hosting provider registered for their domain.? Try dig with +trace
> and +all
>
> yukon1:~ mshields$ dig www.sysadminvalley.com +trace +all
>
> ; <<>> DiG 9.6.0-APPLE-P2 <<>> www.sysadminvalley.com +trace +all
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59069
> ;; flags: qr ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13
>
> ;; QUESTION SECTION:
> ;.??? ??? ??? ??? IN??? NS
>
> ;; ANSWER SECTION:
> .??? ??? ??? 19975??? IN??? NS??? f.root-servers.net.
> .??? ??? ??? 19975??? IN??? NS??? j.root-servers.net.
> .??? ??? ??? 19975??? IN??? NS??? a.root-servers.net.
> .??? ??? ??? 19975??? IN??? NS??? g.root-servers.net.
> .??? ??? ??? 19975??? IN??? NS??? l.root-servers.net.
> .??? ??? ??? 19975??? IN??? NS??? m.root-servers.net.
> .??? ??? ??? 19975??? IN??? NS??? i.root-servers.net.
> .??? ??? ??? 19975??? IN??? NS??? b.root-servers.net.
> .??? ??? ??? 19975??? IN??? NS??? e.root-servers.net.
> .??? ??? ??? 19975??? IN??? NS??? h.root-servers.net.
> .??? ??? ??? 19975??? IN??? NS??? d.root-servers.net.
> .??? ??? ??? 19975??? IN??? NS??? c.root-servers.net.
> .??? ??? ??? 19975??? IN??? NS??? k.root-servers.net.
>
> ;; ADDITIONAL SECTION:
> f.root-servers.net.??? 86371??? IN??? A??? 192.5.5.241
> j.root-servers.net.??? 86371??? IN??? A??? 192.58.128.30
> a.root-servers.net.??? 86371??? IN??? A??? 198.41.0.4
> g.root-servers.net.??? 86371??? IN??? A??? 192.112.36.4
> l.root-servers.net.??? 86371??? IN??? A??? 199.7.83.42
> m.root-servers.net.??? 86371??? IN??? A??? 202.12.27.33
> i.root-servers.net.??? 86371??? IN??? A??? 192.36.148.17
> b.root-servers.net.??? 86371??? IN??? A??? 192.228.79.201
> e.root-servers.net.??? 86371??? IN??? A??? 192.203.230.10
> h.root-servers.net.??? 86371??? IN??? A??? 128.63.2.53
> d.root-servers.net.??? 86371??? IN??? A??? 128.8.10.90
> c.root-servers.net.??? 86371??? IN??? A??? 192.33.4.12
> k.root-servers.net.??? 86371??? IN??? A??? 193.0.14.129
>
> ;; Query time: 10 msec
> ;; SERVER: 192.168.100.7#53(192.168.100.7)
> ;; WHEN: Thu Aug 12 11:58:38 2010
> ;; MSG SIZE? rcvd: 449
>
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37790
> ;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 14
>
> ;; QUESTION SECTION:
> ;www.sysadminvalley.com.??? ??? IN??? A
>
> ;; AUTHORITY SECTION:
> com.??? ??? ??? 172800??? IN??? NS??? a.gtld-servers.net.
> com.??? ??? ??? 172800??? IN??? NS??? b.gtld-servers.net.
> com.??? ??? ??? 172800??? IN??? NS??? c.gtld-servers.net.
> com.??? ??? ??? 172800??? IN??? NS??? d.gtld-servers.net.
> com.??? ??? ??? 172800??? IN??? NS??? e.gtld-servers.net.
> com.??? ??? ??? 172800??? IN??? NS??? f.gtld-servers.net.
> com.??? ??? ??? 172800??? IN??? NS??? g.gtld-servers.net.
> com.??? ??? ??? 172800??? IN??? NS??? h.gtld-servers.net.
> com.??? ??? ??? 172800??? IN??? NS??? i.gtld-servers.net.
> com.??? ??? ??? 172800??? IN??? NS??? j.gtld-servers.net.
> com.??? ??? ??? 172800??? IN??? NS??? k.gtld-servers.net.
> com.??? ??? ??? 172800??? IN??? NS??? l.gtld-servers.net.
> com.??? ??? ??? 172800??? IN??? NS??? m.gtld-servers.net.
>
> ;; ADDITIONAL SECTION:
> a.gtld-servers.net.??? 172800??? IN??? A??? 192.5.6.30
> b.gtld-servers.net.??? 172800??? IN??? A??? 192.33.14.30
> c.gtld-servers.net.??? 172800??? IN??? A??? 192.26.92.30
> d.gtld-servers.net.??? 172800??? IN??? A??? 192.31.80.30
> e.gtld-servers.net.??? 172800??? IN??? A??? 192.12.94.30
> f.gtld-servers.net.??? 172800??? IN??? A??? 192.35.51.30
> g.gtld-servers.net.??? 172800??? IN??? A??? 192.42.93.30
> h.gtld-servers.net.??? 172800??? IN??? A??? 192.54.112.30
> i.gtld-servers.net.??? 172800??? IN??? A??? 192.43.172.30
> j.gtld-servers.net.??? 172800??? IN??? A??? 192.48.79.30
> k.gtld-servers.net.??? 172800??? IN??? A??? 192.52.178.30
> l.gtld-servers.net.??? 172800??? IN??? A??? 192.41.162.30
> m.gtld-servers.net.??? 172800??? IN??? A??? 192.55.83.30
> a.gtld-servers.net.??? 172800??? IN??? AAAA??? 2001:503:a83e::2:30
>
> ;; Query time: 51 msec
> ;; SERVER: 193.0.14.129#53(k.root-servers.net)
> ;; WHEN: Thu Aug 12 11:58:39 2010
> ;; MSG SIZE? rcvd: 503
>
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1194
> ;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
>
> ;; QUESTION SECTION:
> ;www.sysadminvalley.com.??? ??? IN??? A
>
> ;; AUTHORITY SECTION:
> sysadminvalley.com.??? 172800??? IN??? NS??? ns1.beantownhost.com.
> sysadminvalley.com.??? 172800??? IN??? NS??? ns2.beantownhost.com.
>
> ;; ADDITIONAL SECTION:
> ns1.beantownhost.com.??? 172800??? IN??? A??? 209.160.26.114
> ns2.beantownhost.com.??? 172800??? IN??? A??? 209.160.26.176
>
> ;; Query time: 27 msec
> ;; SERVER: 192.41.162.30#53(l.gtld-servers.net)
> ;; WHEN: Thu Aug 12 11:58:40 2010
> ;; MSG SIZE? rcvd: 121
>
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56299
> ;; flags: qr aa; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2
>
> ;; QUESTION SECTION:
> ;www.sysadminvalley.com.??? ??? IN??? A
>
> ;; ANSWER SECTION:
> www.sysadminvalley.com.??? 300??? IN??? CNAME??? sysadminvalley.com.
> sysadminvalley.com.??? 300??? IN??? A??? 209.160.37.69
>
> ;; AUTHORITY SECTION:
> sysadminvalley.com.??? 86400??? IN??? NS??? ns1.beantownhost.com.
> sysadminvalley.com.??? 86400??? IN??? NS??? ns2.beantownhost.com.
>
> ;; ADDITIONAL SECTION:
> ns1.beantownhost.com.??? 14400??? IN??? A??? 209.160.26.114
> ns2.beantownhost.com.??? 14400??? IN??? A??? 209.160.26.176
>
> ;; Query time: 88 msec
> ;; SERVER: 209.160.26.114#53(ns1.beantownhost.com)
> ;; WHEN: Thu Aug 12 11:58:40 2010
> ;; MSG SIZE? rcvd: 151
>
>
> -matt
>
>
>



-- 
John Abreau / Executive Director, Boston Linux & Unix
AIM abreauj / JABBER jabr-iMZfmuK6BGBxLiRVyXs8+g at public.gmane.org / YAHOO abreauj / SKYPE zusa_it_mgr
Email jabr-mNDKBlG2WHs at public.gmane.org / WWW http://www.abreau.net / PGP-Key-ID 0xD5C7B5D9
PGP-Key-Fingerprint 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99







BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org