[afnog] DNS problem

[Stephane Bortzmeyer]

On Sat, Oct 11, 2008 at 11:22:03AM +0000,
 Dany Mustapha <cristophe06 at yahoo.fr> wrote 
 a message of 176 lines which said:

> but i have a problem with spread dns, there is some server dns that
> give me a corect ip address for my server mail, but the other not,
> its give me the address of my domain name host.

Your DNS zone is quite broken. You should always use a tool to check
it. With Zonecheck <http://www.zonecheck.fr/>:

% zonecheck blanca.ma
ZONE  : blanca.ma.
NS <= : dmns1.heberjahiz.com. [67.15.212.212]
NS    : dmns2.heberjahiz.com. [67.15.249.249]

       _______________
     ,---------------.|
~~~~ |    warning    || ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     `---------------'
w> Nameservers are all part of the same AS
 | Adv: ZoneCheck
 |   To avoid loosing all connectivity with the authoritative DNS in case
 | of a routing problem inside your Autonomous System, it is advised to
 | host the DNS on different AS.
 `----- -- -- - -  -
 :   All the nameservers are part of the same Autonomous System (AS number
 : 21844), try to have some of them hosted on another AS.
 `..... .. .. . .  .
=> generic

       _____________
     ,-------------.|
~~~~ |    fatal    || ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     `-------------'
f> The serial number is not consistent with primary nameserver
 :   got serial 2008092500 instead of 2005090201 as on
 : dmns1.heberjahiz.com./67.15.212.212.
 `..... .. .. . .  .
=> dmns2.heberjahiz.com./67.15.249.249

f> The nameserver list doesn't match the given one
 :   The given nameserver list (dmns1.heberjahiz.com.,
 : dmns2.heberjahiz.com.) is not consistent with the one retrieved from
 : the zone (ns.blanca.ma.).
 `..... .. .. . .  .
=> dmns1.heberjahiz.com./67.15.212.212

==> FAILURE (and 1 warning(s))


That's at least two big problems (zone desynchronization and
discrepancy between the delegation and the zone) to address.