[BALUG-Admin] AXFR failures from 198.144.194.238

Rick Moen rick@linuxmafia.com
Mon Aug 22 16:05:26 PDT 2016


Quoting Michael Paoli (Michael.Paoli@cal.berkeley.edu):

> Try again, and please reenable.

Done, and successful.



$ whois balug.org | grep '^Name Server'
Name Server: NS1.DREAMHOST.COM
Name Server: NS2.DREAMHOST.COM
Name Server: NS3.DREAMHOST.COM
$ whois sf-lug.org | grep '^Name Server'
Name Server: NS2.HE.NET
Name Server: NS3.HE.NET
Name Server: NS1.LINUXMAFIA.COM
Name Server: NS4.HE.NET
Name Server: NS.PRIMATE.NET
Name Server: NS5.HE.NET
$ whois sf-lug.com | grep '^Name Server'
Name Server: ns2.he.net
Name Server: ns3.he.net
Name Server: ns.primate.net
Name Server: ns4.he.net
Name Server: ns5.he.net
Name Server: ns1.linuxmafia.com
$

So, is 198.144.194.238 a 'hidden master' for domains balug.org,
sf-lug.org, and sf-lug.com (providing AXFR to slave nameservers but not
declared publicly authoritative)?

Let me know if so, and I'll annotate that in my /etc/named.conf.local
file.  The downtime _looked_ like someone had moved nameservice to a new 
master DNS IP and not advised me as admin of a slave nameserver, because
not only was there no AXFR or ping response, but the absence from public
WHOIS data seemed suspicious.





More information about the BALUG-Admin mailing list