1

About a week ago, I updated my DNS, adding:

HOST, TYPE, VALUE, TTL
*.soup-team.com CNAME www.myopenid.com 3600
mail.soup-team.com CNAME ghs.google.com 3600

HOST, TYPE, VALUE, MX, TTL
soup-team.com MX aspmx.l.google.com 10 3600
soup-team.com MX alt1.aspmx.l.google.com 20 3600
soup-team.com MX alt2.aspmx.l.google.com 20 3600
soup-team.com MX aspmx2.googlemail.com 30 3600
soup-team.com MX aspmx3.googlemail.com 30 3600
soup-team.com MX aspmx4.googlemail.com 30 3600
soup-team.com MX aspmx5.googlemail.com 30 3600

From before, I had:

HOST, TYPE, VALUE, TTL
soup-team.com A 64.120.188.121 3600
soup-team.com NS ns01.000webhost.com 3600
soup-team.com NS ns02.000webhost.com 3600
www.soup-team.com CNAME soup-team.com 3600

Additional details:
The domain is purchased from www.proisp.no
www.everydns.com is used for DNS management.

Now, from home, everything works perfectly, but from the university, neither mail.soup-team.com nor any of the OpenID-related subdomains are working. Instead, an error-message from my webhost (000webhost), is displayed - err.000webhost.com.

I've used OpenDNS's CacheCheck (www.opendns.com/support/cache/) to check their cache as I thought this might help me identify the problem. After requesting a refresh (yesterday, and today), all of their caches point correctly to mail.soup-team.com and most of them to the OpenID-related subdomains (which caches are not updated seems to differ for different usernames).

I have a theory that the problems might be related to some caches ignoring the *.soup-team.com rule and instead querying the 000webhost Name Servers.

So, my questions are:
1) Have I made any sort of misconfiguration?
2) Since I have an A record pointing to the IP of 000webhost, and I'm not using their subdomain option, can I remove the NS records (ns01.000webhost.com and ns02.000webhost.com) without causing other kinds of trouble?

Thanks in advance,

method139

PS: I'm quite new to DNS. If I'm using the wrong words to describe something in this text, I'm more than happy for any feedback related to that as well.

method139
  • 11
  • 3
  • Today, everything seems to work. Are you sure it was not simply the effect of the cache? The old NS records (going to 000webhost) were cached and still used for the duration of the TTL. – bortzmeyer Feb 01 '10 at 15:14

2 Answers2

1

caches ignoring the *.soup-team.com rule

That would be a very big brokeness. It is quite unlikely, wildcards exist in the DNS from the beginning.

bortzmeyer
  • 3,903
  • 1
  • 20
  • 24
0

My theory seems to be correct. From the mentioned CacheCheck, after having refreshed the cache, I followed a link named "Check a third-party tool", and here is what I got:

DNS Traversal for method139.soup-team.com http://folk.uio.no/erikano/img/dns001.png

Note how the 000webhost Name Servers respond "[Broken DNS server: Reports that it refuses to respond!]". Yet the main website (soup-team.com) still work.

This means that since I only host the main site at 000webhost, and I have a working A rule, I won't need the two mentioned rules.

PS: I will soon change the OpenID from username.<domain> to username.id.<domain> (as I think username.<domain> should be used for other purposes than just OpenID), so if anyone attempts to check it for themselves at a (much) later point, the output that they get from the tool will be different. And, of course, if I am correct in my theory, the problem will soon be resolved, so you won't see the same anyhow.

method139
  • 11
  • 3