Er… oops?

Okay, kids, this is going to be a rather technical post. If you’re not into such things, go ahead and skip this one. :-)

Anyway… I’m probably jumping the gun on an announcement Sean MC probably wanted to make, but it’s kinda integral to this story. A week and a half ago, he asked me if I could host his and Jinny’s sites on my web server. I said sure, and once I got back from Las Vegas, we worked to get his and Jinny’s sites up and running on my main server. We got it all up and running, with one minor problem: the domain names refused to resolve. I had the entries set up correctly on both my DNS server and the MK Online DNS server (which was going to be the slave server), so I was reasonably confident that the problem was with Sean’s domain name registrar. It turned out that the problem WAS on my end… but in the process it not only revealed something I didn’t know about DNS, it exposed a rather glaring error on my part that had been around for over a year. :-/

Apparently, in order for a DNS server to be set up as an authoritative server for a domain, it needs to be “registered” with the registrar. In other words, the hostname and corresponding IP address need to be entered in. I had told Sean to set up his domains with the servers ns.darquecathedral.org and ns.mortalkombatonline.com as authoritative. I had thought that as long as it was a working domain name, it should work. It didn’t. ns.darquecathedral.org wasn’t registered, so it didn’t work. What was frightening, though, was what was happening with ns.mortalkombatonline.com. According to Sean it was coming back as the IP address for MY DNS server. I did some checking, and came to a rather disturbing revelation.

As near as I can tell, when a hostname is “registered” through a registrar, it actually overrides whatever the DNS server for that domain says. Back when I bought the domain name mortalkombatonline.com, MK Online was actually known by the name MK5.ORG. I had originally registered mortalkombatonline.com for something else, and had registered ns.mortalkombatonline.com to my DNS server’s IP address. A couple of months later, though, I transferred the domain ownership to CCShadow, as we had decided then that it would be in our best interests to switch the site’s name to something a little bit more universal. However, I had completely forgotten that ns.mortalkombatonline.com was registered to my DNS server’s IP address… and even if I HAD remembered I wouldn’t have considered it important. So, for the past year and three quarters, every DNS server except the MK Online ones were resolving ns.mortalkombatonline.com to MY DNS server instead of MK Online’s; seeing as ns.mortalkombatonline.com was set as the main authoritative DNS server, everyone was thinking MY DNS server was authoritative for MK Online instead of MK Online’s server. Only the fact that we had secondary DNS servers configured kept us from learning about this screw-up MUCH sooner.

… on the other hand, this does explain why I kept getting so many “cache query denied” errors in my DNS server’s logs. DNS servers all throughout the net would keep hitting my DNS server thinking it was authoritative, but my DNS server wasn’t configured as such, so it kept denying the queries.

So, what have I done to fix this? First of all, I’ve since set my DNS server up as a slave DNS server for mortalkombatonline.com (it’ll accept queries for it, and get the domain information from the MK Online DNS server) in the meantime. Therefore, my DNS server will answer queries concerning mortalkombatonline.com. (I’ve already seen a remarkable lack of cache query denied errors in the logs since doing so.) When CCShadow comes back from his trip, I’ll have him change the registration of ns.mortalkombatonline.com to the correct server. As for Sean and Jinny… I’ve worked with Sean to get it reconfigured where the registered name for my DNS server and Sinc’s DNS server are authoritative, and three of the four domains are already up and running. The fourth one should be back up and running anytime now.

That’s one thing I’ll say about this experience… I can never say I know everything there is to know about a subject, because right when you least expect it something will jump up and bite you in the ass. :-)