Previous Table of Contents Next You Can't See Me! Let's say that you stop getting email-even "junk" email. You pick up the phone and call your friend Space Monkey, who tells you that his email is getting bounced back to him. He's terribly busy being a successful businessman so he hangs up before you can get details. However, he does mention that he can't get to your Web pages either. You suspect that there's probably an "outside-to-inside" DNS problem, because you can ping everybody in the world and can resolve their DNS addresses inside to outside. So, how do you check the how the outside world looks you up? The first thing you do is (you guessed it) fire up nslookup. Let's start off by checking your DNS server, the most likely culprit: $ nslookup - dns.frob.com Default Server: dns.frob.com Address: 167.195.160.6 > www Server: dns.frob.com Address: 127.0.0.1 Name: wizard.frob.com Address: 167.195.160.10 Aliases: www.frob.com > mail Server: dns.frob.com Address: 127.0.0.1 Name: dragon.frob.com Address: 167.195.160.8 Aliases: mail.frob.com ______________________________________________________________ Many (but not all) DNS servers on the Internet are called "dns" or "ns" to designate whether they're domain name servers or just name servers in general. ______________________________________________________________ Hmm. Everything looks OK from a local standpoint. Well, your DNS server is, in fact, dealing with the world-when it gets queries about your domain, it answers just fine. If this wasn't the case, you would troubleshoot it further: Is it down? Have its data files been corrupted? (If so, you should restore from a backup.) The DNS server is okay, so we'll move on to other possible problems. Using nslookup again, let's find out how the root servers are telling others to look up your server. In other words, we need to look at the SOA record for your domain, starting from the beginning: $ nslookup - moria.co.chatham.ga.us Default Server: moria.co.chatham.ga.us Address: 167.195.160.6 > set type=soa > server a.root-servers.net Default Server: a.root-servers.net Address: 198.41.0.4 > frob.com. Server: a.root-servers.net Address: 198.41.0.4 Authoritative answers can be found from: frob.com nameserver = NS4.frob.com frob.com nameserver = NS2.frob.com NS4.frob.com internet address = 167.195.160.15 NS2.frob.com internet address = 167.195.160.6 Whoa! What's going on? There's an IP address listed here for a server you don't know about. Actually, you do know about it, but it's a server that's due to be rolled out next month, not this month. Apparently, one of your co-workers has jumped the gun and told the powers-that-be on the Internet that your name server has moved to this new address. Unfortunately, your current name server isn't listed due to a paperwork foul-up. A quick visit to the www.internic.net page (the clearinghouse for most domain names) and a discussion with your co-worker fixes this. This scenario is unlikely (although I've seen it happen). However, it gives you an idea of the type of havoc that can go on in the world of DNS. I've even seen companies where a disgruntled system administrator has stolen the domain name after having left the company, leaving the company unable to get email or Web visits from the outside. Eek! Can this happen? Unfortunately, yes. Two contacts are listed on a DNS entry: the administrative contact and the technical contact. If a system administrator lists himself as both, he can do an address change to his home address and then, after leaving the company, change the SOA record to something else. There's not a lot you can do about this (from a technical standpoint). Your best bet is to pursue this from a business standpoint: Let the InterNIC (www.internic.net) know what's happened and enter into a "domain name dispute." More than likely, you'll be able to get your domain name back without having to get legal-eagle about it. Previous Table of Contents Next