I have a domain, friedo.com. Some people can see www.friedo.com, and others can’t. It seems that some people’s nameservers were still pointing at an obsolete address for it (129.21.107.160) when it should be pointing at 64.27.106.52. I couldn’t figure out exactly why this is happening. For example, if I do an nslookup, it seems correct.
And yet, some people reported it still pointing to the old address (which, btw, results in a connection refused error because that address is in a building that doesn’t exist anymore. )
On a whim, I tried a WHOIS, and look what I found.
bash-2.02$ whois friedo.com
(snip)
Domain Name: FRIEDO.COM
Registrar: REGISTER.COM, INC.
Whois Server: whois.register.com
Referral URL: www.register.com
Name Server: NS5.1HOURHOSTING.COM
Name Server: NS6.1HOURHOSTING.COM
Updated Date: 11-jan-2001
bash-2.02$ whois www.friedo.com
(snip)
Server Name: WWW.FRIEDO.COM
**IP Address: 129.21.107.160**
Registrar: REGISTER.COM, INC.
Whois Server: whois.register.com
Referral URL: www.register.com
Now it appears some nameservers are getting this info from the WHOIS entry, and some are getting it from the nameserver (like they should.) So, at long last, the question:
How the HELL do I change this entry in the WHOIS database? My domain is registered with register.com, and I cannot figure it out. (Near as I can tell, this entry shouldn’t even BE in the WHOIS database.)
Did you recently change your DNS provider to 1hourhosting from someone else? If so, you should tell your old provider to remove your DNS entries from their tables. Also, you may need to provide more time for propagation of your new information. Anyway, the information you need to change isn’t with the whois database, since that just tells the world where to get your DNS information from.
First of all, http://www.friedo.com is indeed 64.27.106.52. I just tried nslookup and got that result. My nameserver contacted your namesever to get that ip address.
Then I tried it a second, similiar result, but this time nslookup added “Non-authoritative answer:”. It did that because on the second try my nameserver didn’t bother to contact your nameserver. It cached the previous result. If you now change your ip address again, I won’t see that change immediately. I have to wait until the cached data expires in my nameserver.
You decided how long my nameserver is allowed to cache the data and entered this value on your SOA record. It’s the last number on the record. 86400 seconds is a common choice and that is exactly one day. If that’s your value, then at this time tomorrow I would finally see your new ip address.
I got the right address for you on my linux box, but the old one from my work machine. It usually takes 3 or 4 days for the change to propagate down the mess to every DNS. How long ago did you make the change?
Unfortunately you can’t make that change, the registrar has to do it.
Have you thought about registering your own machine as the nameserver for your domain? It takes a few days for the change to take effect, again, but it’s nice because you can make your own changes without having to depend on anybody else. Of course, before you do that you want to make sure that you have the latest version of BIND and set it not to run as root, so you don’t get hit with the buffer overflow.
Hi folks. Let me clarify that the change was indeed made several weeks ago. I’m aware that it takes a few days for propogation to occur, but this is ludicrous. I’m glad the majority of people can see the correct address, but I still have a few people who can’t. I’m beginning to suspect that their nameservers are simply configured incorrectly and there’s nothing I can do.
As for hosting it on my own machine, I would, but I don’t have a static IP, so I gotta pay someone.
Exactly what changes were made? Did you change your DNS provider, or has 1hourhosting been doing your DNS all along? I assume Register.com did your DNS before, so if that is the case, call them and ask them to remove friedo.com from their DNS tables. Someone is possibly broadcasting incorrect information for your domain.
Did your old DNS records have a really long TTL? If so, some nameservers could still be caching the old address. In that case, you’ll just have to wait until the TTL expires. The root servers have a 1 day TTL on .com, so there shouldn’t be any cached NS records out there any more for the old address.
It’s possible that some people are using bogus nameservers that don’t respect the TTL, though. Nothing you can do about that.
OneChance: Register.com was hosting the domain initially (they had it pointed at their default “under construction” page.) I then transferred the domain to 1hour’s DNS server, which seems to be doing everything correctly. Near as I can tell, register.com has deleted everything; their nameservers won’t answer authoritatively for friedo.com
I have Qwest DSL and the name servers that I use (primary = 206.81.192.1) still see www.friedo.com at 129.21.107.160. I guess all you can do is wait for the cache to clear or hope the name servers needs to be stopped and restarted. It’s also possible, I suppose, that Qwest and other providers that haven’t picked up your new information are querying old root servers. BTW, have you checked the root servers to see if they all have your new information?
Since the change took place so long ago I would guess that you don’t have a DNS issue at all. Some systems have a hosts file that can override DNS. People use this for various reasons including performance. For example, on our Unix system, we have an entry “hosts: files dns” which tells our resolver to look first at our /etc/hosts file and then if that fails, to use DNS. If I put an entry in our /etc/hosts file of “old.add.re.ss www.friedo.com”, then I will never see the new address. So I would check for that.
If it still looks like DNS, find out their nameserver both hostname and ip address. Then run nslookup using their nameserver and look for www.freido.com. If you get the right address, it’s not DNS.
www.friedo.com must be, or have been, a nameserver for a domain name at some point.
when a certain hostname is listed as a nameserver for a domain, that host record is injected with IP address into the GTLD servers.
for example, if you register xyz.com with nameservers a.xyz.com and b.xyz.com - the ip addresses of a.xyz.com and b.xyz.com have to be injected into the GTLD database as name and IP - or otherwise people won’t know how to get to the nameservers (make sense?)
jrishaw, I don’t think that’s right. www.friedo.com may exist as a host record, but that doesn’t mean that everyone still sees it as authoritative for friedo.com. For example, if I change my name servers from ns1/ns2.oldprovider.net to ns1/ns2.newprovider.net, I don’t have to delete the host records for ns1/ns2.oldprovider.net. If what you’re saying is correct, then no one would be able to see www.freido.com at its new IP address, but that’s not the case. Anyway, regardless of that, deleting the www.friedo.com host record certainly won’t hurt.
Thanks, jrishaw, that’s some useful information. (I’m perusing the manpage for the dig command too as well.)
However, I’m still confused about changing the A record. Do I do this through register.com or my webhost? And you’re right, www.friedo.com at one point doubled as a nameserver.
)