Solved

External mail domain name disappearing from DNS

Posted on 2010-08-31
14
409 Views
Last Modified: 2012-05-10
For the last few days we've been having problems with the domain name mail.colourcentre.net.au.
Approximately every 5-6 hours it stops resolving to an IP address so all emails to this domain start failing and get queued instead.

I've worked out that opening AD DNS and going 'Clear Cache' on the two primary AD servers fixes the resolution problem temporarily and then the queued emails slowly start filtering through again.

This is an external domain but we've heard from them that they changed host on Friday the 27th which is now 5 days ago.

Anyone have any idea what could be happening and how to resolve this issue? I'm now assuming the DNS problems must be on our end as doing the cache clear gets it resolving again straight away. However we are not aware of any problems with other domains and can't see any errors in event logs on the AD servers.
0
Comment
Question by:andoss
  • 6
  • 4
  • 4
14 Comments
 
LVL 8

Author Comment

by:andoss
ID: 33572684
I forgot to mention the problem is happening with both:
mail.colourcentre.net.au
colourcentre.net.au

Seem to need both resolving for emails to go out.
0
 
LVL 13

Expert Comment

by:IT-Monkey-Dave
ID: 33572748
It looks like there's no A record in DNS to go along with the MX record for mail.colourcentre.net.au.  "mail.colourcentre.net.au" does not resolve to an IP.  Whoever runs your public DNS needs to add the A record for mail.colourcentre.net.au on IP 218.214.41.39.  That's what I'm seeing anyway.
 
0
 
LVL 13

Expert Comment

by:IT-Monkey-Dave
ID: 33572777
I take that back.  Some DNS servers can resolve mail.colourcentre.net.au to an IP, but others cannot resolve it.  Google's public DNS can resolve it, but our ISP's DNS cannot.  Also, the nameservers for the domain colourcentre.net.au are reported as  "ns1.theplanet.host" and "ns2.theplanet.host".  Someone will have to educate me on that because I've never seen a ".host" before and those don't resolve to anything.
0
 
LVL 29

Expert Comment

by:Rich Weissler
ID: 33572792
First thing I see on a nslookup locally trying to find you:
mail.colourcentre.net.au        internet address = 218.214.41.39
colourcentre.net.au     nameserver = ns2.theplanet.host
colourcentre.net.au     nameserver = ns1.theplanet.host

I don't know if that's the old address... and things just haven't timed out in the caches up stream yet.

Umm... those name servers have a top level domain of 'host'?
Assuming it should be at theplanet.com, the name servers also seem to deny my queries... *shrug*

Looking at ns5.aftershock.com.au, I see:
colourcentre.net.au     MX preference = 0, mail exchanger = mail.colourcentre.net.au
colourcentre.net.au
        primary name server = ns1.theplanet.host
        responsible mail addr = info.174.122.249.106
        serial  = 2010082703
        refresh = 86400 (1 day)
        retry   = 7200 (2 hours)
        expire  = 3600000 (41 days 16 hours)
        default TTL = 86400 (1 day)
colourcentre.net.au     nameserver = ns1.theplanet.host
colourcentre.net.au     nameserver = ns2.theplanet.host
colourcentre.net.au     internet address = 174.122.249.106
mail.colourcentre.net.au        internet address = 218.214.41.39

The name servers in there are still... umm... looking wrong.  http://whois.ausregistry.net.au/whois indicates that your name server should be ns5.aftershock.com.au ?  (And again, I can't resolve the .host top level domain.)

So, at this point, I'm not sure what name server thinks it is authoritative for you...
0
 
LVL 8

Author Comment

by:andoss
ID: 33572793
From what you've just said would you be thinking the problem is on their end at the moment still?

Do you think creating forwarders for those two domains to a public DNS server that can resolve them be a decent temporary resolution?
0
 
LVL 29

Expert Comment

by:Rich Weissler
ID: 33572798
Oops... sorry IT-Monkey, you posted while I was still navigating around trying to figure out what is going on.  *blush*
0
 
LVL 8

Author Comment

by:andoss
ID: 33572831
Hi Razmus,

I have nothing to do with colourcentre.net.au or mail.colourcentre.net.au setup.
I'm working for another company that corresponds with them via email and we are having problems with our mail server queuing up emails because we aren't able to resolve their domain via DNS.

I believe from what you are saying is that the problem appears to be on their end and my DNS servers are working as they should?
It's just weird that a clear cache fixes the problem? I'm not very knowledgeable on AD DNS but is it possible some of the root servers have the right DNS for this domain and others don't which might explain the cache clear fix?
0
 
LVL 29

Expert Comment

by:Rich Weissler
ID: 33575716
A few more questions:
Is 218.214.41.39 the correct or incorrect IP address for your mail server?
Confirm: Your AD domain doesn't use colourcentre.net.au domain name?

Basically, I believe you are picking up the wrong address from somewhere, which is saying that it's authoritative for your domain.  The next time it happens, before you clear the cache, drill down into the cache and look at the address assigned to mail.colourcentre.net.au and see (1) if it's wrong, and (2) jot down what it is, which will help track down where it's coming from.
0
 
LVL 8

Author Comment

by:andoss
ID: 33582355
As i've said this is not my mail server or my domain name.
It's a company we regularly correspond with and due to this problem are now unable to (until i clear the cache).

Just trying to work out if the problem is on our end or theirs and if it's on theirs is there a workaround we can use until they fix their end?
0
 
LVL 13

Accepted Solution

by:
IT-Monkey-Dave earned 250 total points
ID: 33582452
What if you create a new forward lookup zone on your internal AD DNS server(s) for the domain colourcentre.net.au and populate it with a single A record for mail.colourcentre.net.au at IP 218.214.41.39.  Maybe also an MX record for that mail server too.  That's assuming 218.214.41.39 is the correct IP, which I'm not sure we've confirmed.  That way your internal DNS server(s) will never have to look outside to resolve mail.colourcentre.net.au and therefore they should have the correct IP at all times.  But only if you already know the correct IP.
0
 
LVL 29

Assisted Solution

by:Rich Weissler
Rich Weissler earned 250 total points
ID: 33582483
Ah! I misunderstood what you meant this not being your systems.

On your DNS Servers, can you confirm what bad information is ending up in your cache?

If it were me, and it were only emails I was concerned about, I'd make a static entry for their mail server in the HOSTS file on my mail server, and I'd send an email to myself with delayed delivery in two weeks to go back and check to see if they have fixed their issue yet, so I could strip that entry out later.  (I wouldn't want anyone else to find that entry in some number of months or years after spending forever troubleshooting a mail delivery issue.)  The MX entry looks like it might be correct... so this could be sufficient.  *crosses.fingers*
0
 
LVL 8

Author Comment

by:andoss
ID: 33582572
I  think creating the additional forward lookup zone will be the best option and then i'll just remove it once they resolve their issues.
It is just emails we are concerned about but there are a number of different servers that are sending these emails so static entries on each of these would end up messy.

Thanks for both your help I'll give that a shot.
0
 
LVL 13

Expert Comment

by:IT-Monkey-Dave
ID: 33582584
Hope it works.  Let us know what happens.
0
 
LVL 8

Author Closing Comment

by:andoss
ID: 33614127
I ended up creating a forwarder for the colourcentre.net.au domain to our ISP's DNS server.

Thanks for both your help.
0

Join & Write a Comment

One of the most often confused topics in the area DNS is the idea of GLUE records. Specifically, what they are, when they are needed, when they are provided, and how they are created. First, WHAT IS GLUE? To understand GLUE, you must first under…
Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now