Need DNS Help

13 posts / 0 new
Last post
#1 Fri, 03/19/2010 - 21:04

Need DNS Help

I have a site that doesn't come up sometimes... instead, the default site on the SECONDARY nameserver appears - even though the site is hosted on the primary nameserver's box.

I can't figure it out, and I need to right away before I get fired.

IntoDNS is reporting:

Looks like the A records (the GLUE) got from the parent zone check are different than the ones got from your nameservers. You have to make sure your parent server has the same NS records for your zone as you do.I detected some problems as follows: For the parent reported: [''] and your nameservers reported: ['xx.xx.xx.186', 'yy.yyy.yyy.yy']

What does this mean?

Help, please...

Thanks, Tony

Fri, 03/19/2010 - 21:12
ronald's picture

for the registered nameservers at the parent (registrar) you need to make A records on your box. Well you did but apparently there are differences.

at the registrar your register nameservers. with IP.
This IP will be your glue on your box, this is done as A record. Those two IP's obviously must be the same as they are the same.

Fri, 03/19/2010 - 21:22

Do you mean an "A" record pointing to the domain, or just that I have to set the IP for the name servers?


Sat, 03/20/2010 - 06:56 (Reply to #3)
ronald's picture

ns1.domain.tld. Default

Sat, 03/20/2010 - 02:32

Also, at least two of my domains are returning the ip address of the secondary name server itself, instead of the ip address of the primary, which is where the website is...

eg., I just noticed that intodns says

The MX records that are not the same at all your nameservers: with ip(s): reported only by: with ip(s): yy.yyy.yyy.yy reported only by: yy.yyy.yyy.yy It is better to have the same MX records at all your nameservers!

But BOTH NAMESERVERS have the record yy.yyy.yyy.yy

In their zone.... what on earth could possibly be causing this? I don't have access to the registrar where the domains were created but I already told me boss to triple check this while I was at work and he swears the records are the same.


Any ideas?

Sat, 03/20/2010 - 02:53

I think the secondary DNS server is just always returning it's own IP address... even though the zone files look right... anybody know why this might be?


Sat, 03/20/2010 - 07:02
ronald's picture

the slave nameserver has A records pointing to wherever the domain is hosted. Often the primary server.
on the primary there is an A record for the slave nameserver

at the registrar you'd just have the nameservers so your nameserver is authorative

what is the domain in question?

Sat, 03/20/2010 - 09:23
mrwilder is one of them.

It's on the physical machine

It's IP is supposed to be

it's name servers are
and yy.yyy.yyy.186

But, for instance, if you go to and run the "Check domain configuration" tool, if it uses ns2 as the server to conduct the test it reports

A Record The 1 A record for
yy.yyy.yyy.186 [US] Pass
www A Record The 1 A record for :
yy.yyy.yyy.186 [US]

but if it uses ns1 to conduct the test it reports

A Record The 1 A record for : [US] Pass
www A Record The 1 A record for : [US]

This is even though ns2 is a slave zone for ns1. Shouldn't those A records match?

Also, every few times I run the test using ns1, I get

Glue Record Consistency Parent server says: A
This nameserver says: A yy.yyy.yyy.12
Inconsistencies were found between the glue records on the parent servers and the glue records on this nameserver.

And if this is NOT the problem, then what might it be? And there definitely is a problem because when you go to you often get the wrong site. In fact, it's so bad, I had the WRONG site just try to bounce to the correct site for now, since is more important.

And, also, it doesn't happen EVERY time... just some times.

Sun, 03/21/2010 - 04:38
ronald's picture

This part is at the registrar.
Nameserver records returned by the parent servers are and is correct: [''] [TTL=172800] [''] [TTL=172800]

This part is on your primary server
NS records got from your nameservers listed at the parent NS are: [''] [TTL=0] ['', ''] [TTL=0]

You need to change the ns1 IP to the correct one and remove the wrong IP form the ns1 record.

Then doublecheck the A records for the ns entries as I described earlier.
Then update the slave server with the corrected zone file.

Mon, 03/22/2010 - 14:01

Ok, if I turned off ns2's name server, it actually worked and got the web sites to come up... so, thinking that might hopefully mean the bug was on ns2, I completely reinstalled the OS and Virtualmin , never entered the IP for the ns1 server in any way, and when I started bind the error came RIGHT back...

So the error must be on ns1.

But... WHERE can I go to chance the ns1 IP so that it only has the one record?

I've checked just about everywhere I can think of.. Webmin-networking-network configuration

In /etc/hosts it lists only and I left that alone... module config lists the right addresses as far as I can tell...

For that domain, the NS records looks like this: NS Default NS Default

Doesn't that seem right?

Where would I change the IP address? This has been going on for days now... apparently I entered the wrong IP address at one time and now I cant figure out where or how to remove it... so, please, help...

Thanks Tony

Tue, 03/23/2010 - 13:24
ronald's picture

you would have to look in the zone files and look for a double entry on the ns1 A record.
the zonefile is and can be seen in the bind dns module.

Tue, 03/23/2010 - 13:36

$ttl 38400 IN SOA (

Tue, 03/23/2010 - 18:16
ronald's picture

One or more of your nameservers did not respond:
The ones that did not responded are:

zone file looks good.

Topic locked