WHOIS host records and ip addresses
John Abreau
jabr-mNDKBlG2WHs at public.gmane.org
Thu Aug 12 12:35:07 EDT 2010
Thanks, but that's showing me DNS data, not WHOIS data.
The problem was, I had NS records in DNS of the form
names1.example.com 10.1.1.21
names2.example.com 20.2.3.22
names3.example.com 30.3.0.23
WHOIS showed my nameservers as
names1.example.com
names2.example.com
names3.example.com
But when my primary went down, and the TTLs expired, the secondary
nameservers were never being queried, and lookups just failed, When
I dug through my NetSol account to look for the ip addresses, I eventually
found it had something like
names1.example.com 10.1.1.21
names2.example.com 80.2.3.22
names3.example.com 30.3.0.22
The primary DNS was correct, but the other two didn't match my DNS.
One was the old address of a secondary from before they switched ISPs,
and the other was off by one in the final octet.
As I recall, the only time I got to see the ip addresses was when I went
to add additional nameservers to the account at NetSol. At no other time
were the ip addresses visible.
My conclusion was that WHOIS contains host records separate from DNS, and
that the host records don't necessarily match the corresponding DNS records.
So my questions is, How do I view the HOST records in WHOIS, not in DNS?
On Thu, Aug 12, 2010 at 12:02 PM, Matt Shields <matt-urrlRJtNKRMsHrnhXWJB8w at public.gmane.org> wrote:
> On Thu, Aug 12, 2010 at 11:36 AM, John Abreau <jabr-mNDKBlG2WHs at public.gmane.org> wrote:
>>
>> I recently suffered a DNS outage where the primary DNS server was down
>> for a weekend,
>> and the WHOIS data apparently had the wrong ip addresses. The NS records
>> in my
>> DNS server were correct, but when it was down, the host records at
>> WHOIS had ip addresses
>> that didn't match what was in DNS, and our zone disappeared until I
>> edited the WHOIS data.
>>
>> The "whois" command doesn't show the ip addresses like it used to; now
>> all it shows are
>> the domain names of the nameservers. And since they don't necessarily
>> match what's
>> in DNS, that's not acceptable.
>>
>> How can I do a WHOIS lookup that will show the ip addresses of the
>> HOST records that
>> Network Solutions maintains separate from DNS?
>>
>>
>>
>> --
>> John Abreau / Executive Director, Boston Linux & Unix
>> AIM abreauj / JABBER jabr-iMZfmuK6BGBxLiRVyXs8+g at public.gmane.org / YAHOO abreauj / SKYPE
>> zusa_it_mgr
>> Email jabr-mNDKBlG2WHs at public.gmane.org / WWW http://www.abreau.net / PGP-Key-ID 0xD5C7B5D9
>> PGP-Key-Fingerprint 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99
>> _______________________________________________
>> Discuss mailing list
>> Discuss-mNDKBlG2WHs at public.gmane.org
>> http://lists.blu.org/mailman/listinfo/discuss
>
>
> Whois will show you what you registered for your nameservers, but not the
> IPs your hosting provider registered for their domain. Try dig with +trace
> and +all
>
> yukon1:~ mshields$ dig www.sysadminvalley.com +trace +all
>
> ; <<>> DiG 9.6.0-APPLE-P2 <<>> www.sysadminvalley.com +trace +all
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59069
> ;; flags: qr ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 13
>
> ;; QUESTION SECTION:
> ;. IN NS
>
> ;; ANSWER SECTION:
> . 19975 IN NS f.root-servers.net.
> . 19975 IN NS j.root-servers.net.
> . 19975 IN NS a.root-servers.net.
> . 19975 IN NS g.root-servers.net.
> . 19975 IN NS l.root-servers.net.
> . 19975 IN NS m.root-servers.net.
> . 19975 IN NS i.root-servers.net.
> . 19975 IN NS b.root-servers.net.
> . 19975 IN NS e.root-servers.net.
> . 19975 IN NS h.root-servers.net.
> . 19975 IN NS d.root-servers.net.
> . 19975 IN NS c.root-servers.net.
> . 19975 IN NS k.root-servers.net.
>
> ;; ADDITIONAL SECTION:
> f.root-servers.net. 86371 IN A 192.5.5.241
> j.root-servers.net. 86371 IN A 192.58.128.30
> a.root-servers.net. 86371 IN A 198.41.0.4
> g.root-servers.net. 86371 IN A 192.112.36.4
> l.root-servers.net. 86371 IN A 199.7.83.42
> m.root-servers.net. 86371 IN A 202.12.27.33
> i.root-servers.net. 86371 IN A 192.36.148.17
> b.root-servers.net. 86371 IN A 192.228.79.201
> e.root-servers.net. 86371 IN A 192.203.230.10
> h.root-servers.net. 86371 IN A 128.63.2.53
> d.root-servers.net. 86371 IN A 128.8.10.90
> c.root-servers.net. 86371 IN A 192.33.4.12
> k.root-servers.net. 86371 IN A 193.0.14.129
>
> ;; Query time: 10 msec
> ;; SERVER: 192.168.100.7#53(192.168.100.7)
> ;; WHEN: Thu Aug 12 11:58:38 2010
> ;; MSG SIZE rcvd: 449
>
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37790
> ;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 14
>
> ;; QUESTION SECTION:
> ;www.sysadminvalley.com. IN A
>
> ;; AUTHORITY SECTION:
> com. 172800 IN NS a.gtld-servers.net.
> com. 172800 IN NS b.gtld-servers.net.
> com. 172800 IN NS c.gtld-servers.net.
> com. 172800 IN NS d.gtld-servers.net.
> com. 172800 IN NS e.gtld-servers.net.
> com. 172800 IN NS f.gtld-servers.net.
> com. 172800 IN NS g.gtld-servers.net.
> com. 172800 IN NS h.gtld-servers.net.
> com. 172800 IN NS i.gtld-servers.net.
> com. 172800 IN NS j.gtld-servers.net.
> com. 172800 IN NS k.gtld-servers.net.
> com. 172800 IN NS l.gtld-servers.net.
> com. 172800 IN NS m.gtld-servers.net.
>
> ;; ADDITIONAL SECTION:
> a.gtld-servers.net. 172800 IN A 192.5.6.30
> b.gtld-servers.net. 172800 IN A 192.33.14.30
> c.gtld-servers.net. 172800 IN A 192.26.92.30
> d.gtld-servers.net. 172800 IN A 192.31.80.30
> e.gtld-servers.net. 172800 IN A 192.12.94.30
> f.gtld-servers.net. 172800 IN A 192.35.51.30
> g.gtld-servers.net. 172800 IN A 192.42.93.30
> h.gtld-servers.net. 172800 IN A 192.54.112.30
> i.gtld-servers.net. 172800 IN A 192.43.172.30
> j.gtld-servers.net. 172800 IN A 192.48.79.30
> k.gtld-servers.net. 172800 IN A 192.52.178.30
> l.gtld-servers.net. 172800 IN A 192.41.162.30
> m.gtld-servers.net. 172800 IN A 192.55.83.30
> a.gtld-servers.net. 172800 IN AAAA 2001:503:a83e::2:30
>
> ;; Query time: 51 msec
> ;; SERVER: 193.0.14.129#53(k.root-servers.net)
> ;; WHEN: Thu Aug 12 11:58:39 2010
> ;; MSG SIZE rcvd: 503
>
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1194
> ;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 2
>
> ;; QUESTION SECTION:
> ;www.sysadminvalley.com. IN A
>
> ;; AUTHORITY SECTION:
> sysadminvalley.com. 172800 IN NS ns1.beantownhost.com.
> sysadminvalley.com. 172800 IN NS ns2.beantownhost.com.
>
> ;; ADDITIONAL SECTION:
> ns1.beantownhost.com. 172800 IN A 209.160.26.114
> ns2.beantownhost.com. 172800 IN A 209.160.26.176
>
> ;; Query time: 27 msec
> ;; SERVER: 192.41.162.30#53(l.gtld-servers.net)
> ;; WHEN: Thu Aug 12 11:58:40 2010
> ;; MSG SIZE rcvd: 121
>
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56299
> ;; flags: qr aa; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2
>
> ;; QUESTION SECTION:
> ;www.sysadminvalley.com. IN A
>
> ;; ANSWER SECTION:
> www.sysadminvalley.com. 300 IN CNAME sysadminvalley.com.
> sysadminvalley.com. 300 IN A 209.160.37.69
>
> ;; AUTHORITY SECTION:
> sysadminvalley.com. 86400 IN NS ns1.beantownhost.com.
> sysadminvalley.com. 86400 IN NS ns2.beantownhost.com.
>
> ;; ADDITIONAL SECTION:
> ns1.beantownhost.com. 14400 IN A 209.160.26.114
> ns2.beantownhost.com. 14400 IN A 209.160.26.176
>
> ;; Query time: 88 msec
> ;; SERVER: 209.160.26.114#53(ns1.beantownhost.com)
> ;; WHEN: Thu Aug 12 11:58:40 2010
> ;; MSG SIZE rcvd: 151
>
>
> -matt
>
>
>
--
John Abreau / Executive Director, Boston Linux & Unix
AIM abreauj / JABBER jabr-iMZfmuK6BGBxLiRVyXs8+g at public.gmane.org / YAHOO abreauj / SKYPE zusa_it_mgr
Email jabr-mNDKBlG2WHs at public.gmane.org / WWW http://www.abreau.net / PGP-Key-ID 0xD5C7B5D9
PGP-Key-Fingerprint 72 FB 39 4F 3C 3B D6 5B E0 C8 5A 6E F1 2C BE 99
More information about the Discuss
mailing list