Tuesday, June 19, 2012

Custom Domain Diagnoses - Identify DNS Address Inconsistencies

One of the more intriguing causes of intermittent custom domain problems starts with inconsistent DNS server configuration. Recently, eNom, one of the "partners" in "Buy a domain", has been serving inconsistent DNS configurations, from time to time - including one very blatant episode the afternoon of 6/18/2012, which was reported by several dozen angry blog owners.

Detecting, and diagnosing, the inconsistencies is typically a complicated process.
  1. Identify the domain authority servers, typically using a Who Is lookup.
  2. Dig each domain address (typically "naked domain" and "www" aliases), from each of the identified domain authority servers.
  3. Extract and aggregate each Dig log.
  4. Compare aggregated Dig snippets.
This was not a task for the faint of heart, or tech challenged, blog owner.

Recently, I was given a handy tool which does all of this, in one quick GUI transaction.

The Dig Web Interface, yet another free online tool, provides us the ability to diagnose inconsistent DNS servers - such as the problem eNom seems to have, in a 30 second transaction.
  1. Provide the "naked domain" and "www" aliases.
  2. Select "A" for "Type" ("A" / "CNAME" / "NS" lookups).
  3. Select "Authoritative" for "Nameservers".
  4. Hit "Dig".
Finally, just copy the log produced, for examination.

It's not a fancy tool, but it does the job - very well. Here, we see the log for this domain, "nitecruzr.net".
nitecruzr.net@ns11.domaincontrol.com.:
nitecruzr.net.  3600 IN A 216.239.36.21
nitecruzr.net.  3600 IN A 216.239.32.21
nitecruzr.net.  3600 IN A 216.239.34.21
nitecruzr.net.  3600 IN A 216.239.38.21
nitecruzr.net.  3600 IN NS ns54.domaincontrol.com.
nitecruzr.net.  3600 IN NS ns53.domaincontrol.com.
nitecruzr.net.  3600 IN NS ns12.domaincontrol.com.
nitecruzr.net.  3600 IN NS ns11.domaincontrol.com.

nitecruzr.net@ns12.domaincontrol.com.: nitecruzr.net. 3600 IN A 216.239.36.21 nitecruzr.net. 3600 IN A 216.239.32.21 nitecruzr.net. 3600 IN A 216.239.34.21 nitecruzr.net. 3600 IN A 216.239.38.21 nitecruzr.net. 3600 IN NS ns54.domaincontrol.com. nitecruzr.net. 3600 IN NS ns53.domaincontrol.com. nitecruzr.net. 3600 IN NS ns12.domaincontrol.com. nitecruzr.net. 3600 IN NS ns11.domaincontrol.com.
nitecruzr.net@ns53.domaincontrol.com.: nitecruzr.net. 3600 IN A 216.239.36.21 nitecruzr.net. 3600 IN A 216.239.34.21 nitecruzr.net. 3600 IN A 216.239.38.21 nitecruzr.net. 3600 IN A 216.239.32.21 nitecruzr.net. 3600 IN NS ns54.domaincontrol.com. nitecruzr.net. 3600 IN NS ns53.domaincontrol.com. nitecruzr.net. 3600 IN NS ns12.domaincontrol.com. nitecruzr.net. 3600 IN NS ns11.domaincontrol.com.
nitecruzr.net@ns54.domaincontrol.com.: nitecruzr.net. 3600 IN A 216.239.36.21 nitecruzr.net. 3600 IN A 216.239.34.21 nitecruzr.net. 3600 IN A 216.239.38.21 nitecruzr.net. 3600 IN A 216.239.32.21 nitecruzr.net. 3600 IN NS ns54.domaincontrol.com. nitecruzr.net. 3600 IN NS ns53.domaincontrol.com. nitecruzr.net. 3600 IN NS ns12.domaincontrol.com. nitecruzr.net. 3600 IN NS ns11.domaincontrol.com.
www.nitecruzr.net@ns11.domaincontrol.com.: www.nitecruzr.net. 3600 IN CNAME ghs.google.com.
www.nitecruzr.net@ns12.domaincontrol.com.: www.nitecruzr.net. 3600 IN CNAME ghs.google.com.
www.nitecruzr.net@ns53.domaincontrol.com.: www.nitecruzr.net. 3600 IN CNAME ghs.google.com.
www.nitecruzr.net@ns54.domaincontrol.com.: www.nitecruzr.net. 3600 IN CNAME ghs.google.com.
The log is not complicated, to parse. For each URL, each authority server is identified, and Dug. In the case of this domain, hosted on GoDaddy, we see each URL, Dug from each of 4 authority servers, one by one.

If a DNS inconsistency existed, the above log would show the differing DNS addresses - such as eNom hosted domains show, from time to time. Given this tool, it may be easier to look for DNS inconsistencies, when problems with custom domains are reported, in Blogger Help Forum: Something Is Broken.

>> Top

2 comments:

Tim Cumper said...

A very useful tool.
I have tried it with timcumper.net & www.timcumper.net (a new blogger blog set up specifically for this recently - but getting a 404 message) - I notice that the report only contains one line of IP - 216.239.32.21
as distinct from the four lines which appear in your example (& are part of the instructions from Google.)
However - I have recently set up timcumper.biz - which brings precisely the same results - but is successfully appearing online at the URL.
Are the four, separate IPs required - is it some sort of redundancy safeguard?

Chuck Croll said...

Tim,

You only need one "A" record - if and ONLY if you are prepared to see your domain offline, when that one server is offline - as in what happened last week.

If you care at all for your readers - and their reliable access to your blog, you will always use 4 "A" records.

http://blogging.nitecruzr.net/2012/09/one-of-blogger-google-custom-domain-dns.html

http://blogging.nitecruzr.net/2009/09/your-blog-custom-domains-and-quadruplet.html