NSI/VeriSign propogating incorrect DNS glue records
Derek Balling
dredd at megacity.org
Sat Feb 16 20:18:20 UTC 2002
At 10:45 AM -0800 2/16/02, J.D. Falk wrote:
>On 02/16/02, Derek Balling <dredd at megacity.org> wrote:
>
>> Move the domains elsewhere (e.g., if NS1.EXAMPLE.COM is bogus, move
>> EXAMPLE.COM elsewhere). Once you do that, NSI isn't in charge of
>> *.EXAMPLE.COM glue records any more, and you can have your new
>> registrar correct them - in most cases, quite quickly and easily.
>
> Unfortunately, if you have other domains registered with
> that same nameserver then NSI may hold onto the host record
> and not let go for MONTHS.
They can keep a host-record hanging around in their database 'til the
end of time for all you care. The only registrar who can send
EXAMPLE.COM glue-records up the chain is $NEW_REGISTRAR, and that's
all that matters.
I've got a host record hanging around in NSI's database for
"NS1.MEGACITY.ORG" for about two or three years since I left NSI. It
has an address that is about three years old, and the IP address only
reflects "reality" because I think they got tired of me constantly
bitching about it to them that it looked hokey when NSI-hosting
domains[1] that USED ns1.megacity.org had the wrong IP address in
their whois record (but that didn't matter because the glue still had
the right data)
D
[1] friends' domains, not mine. I wouldn't touch NSI with a 3m cattle-prod.
--
+---------------------+-----------------------------------------+
| dredd at megacity.org | "Thou art the ruins of the noblest man |
| Derek J. Balling | That ever lived in the tide of times. |
| | Woe to the hand that shed this costly |
| | blood" - Julius Caesar Act 3, Scene 1 |
+---------------------+-----------------------------------------+
More information about the NANOG
mailing list