DNS SOA exists or not

[mobcdi]

I'm having trouble getting my DNS server working properly and while trying to figure out whats going wrong I've been trying a number of dns report tools but its adding to my confusion

1 reports that my DNS server is not authoritative for my zone DNSCog Report for cdi.ul.ie

but

Free DNS tools, reports and hosting tests, WHOIS, ping, tracerout, spam database lookup. Advanced network and domain name tools.

says different.

Which should I believe?

[votethehost.com]

"DNS server is not authoritative for my zone" this message is generated when a DNS requests reaches to a DNS server and the Zone for that request is not present on that DNS server.

Also if you check the FREE DNS tool report it says you have set only one name server and not two. You should always minimum set 2 name servers for a server.

[mobcdi]

I did check dns report tools except that 1 says I have SOA and the other says I don't. also I have 2 ns's for my domain.

Is there a way in WHM or cPanel to confirm my NS is authoritative?

[cPanelDon]

I am seeing the following results when using "dig" to check the NS records of the parent DNS zone:

Code:

# dig ul.ie NS +noall +answer
ul.ie.			3600	IN	NS	auth-ns1.ucd.ie.
ul.ie.			3600	IN	NS	hermes.ul.ie.
ul.ie.			3600	IN	NS	marshal.ul.ie.
ul.ie.			3600	IN	NS	mercury.ul.ie.

Via a whois search of "ul.ie" the same DNS servers are seen as what's reported by the NS records; this is good.

When using "dig" again to query each of the above authoritative DNS servers, including one DNS server that is delegated authority, the following results are reported when checking the SOA and NS records:

Code:

# dig @auth-ns1.ucd.ie cdi.ul.ie SOA +noall +answer

# dig @hermes.ul.ie cdi.ul.ie SOA +noall +answer
cdi.ul.ie.		81545	IN	SOA	source.cdi.ul.ie. cdi.ul.ie. 2009110207 43200 7200 1209600 86400

# dig @marshal.ul.ie cdi.ul.ie SOA +noall +answer
;; connection timed out; no servers could be reached

# dig @mercury.ul.ie cdi.ul.ie SOA +noall +answer
cdi.ul.ie.		86400	IN	SOA	source.cdi.ul.ie. cdi.ul.ie. 2009100510 86400 7200 1209600 86400

# dig @source.cdi.ul.ie cdi.ul.ie SOA +noall +answer
cdi.ul.ie.		86400	IN	SOA	source.cdi.ul.ie. cdi.ul.ie. 2009110207 43200 7200 1209600 86400

# dig @auth-ns1.ucd.ie cdi.ul.ie NS +noall +answer

# dig @hermes.ul.ie cdi.ul.ie NS +noall +answer
cdi.ul.ie.		3600	IN	NS	source.cdi.ul.ie.

# dig @marshal.ul.ie cdi.ul.ie NS +noall +answer
;; connection timed out; no servers could be reached

# dig @mercury.ul.ie cdi.ul.ie NS +noall +answer
cdi.ul.ie.		14400	IN	NS	source.cdi.ul.ie.
cdi.ul.ie.		14400	IN	NS	mercury.ul.ie.

# dig @source.cdi.ul.ie cdi.ul.ie NS +noall +answer
cdi.ul.ie.		86400	IN	NS	mercury.ul.ie.
cdi.ul.ie.		86400	IN	NS	source.cdi.ul.ie.

From the above results we can see the following:
1.) DNS server "auth-ns1.ucd.ie" does not report an answer
2.) Connection attempt fails to DNS server "marshal.ul.ie"
3.) The DNS servers "mercury.ul.ie" and "source.cdi.ul.ie" are delegated authority via NS records in the sub-domain zone data for "cdi.ul.ie"
3.) The SOA records and zone serial numbers do not match; more specifically, DNS server "mercury.ul.ie" reports a conflicting zone serial number in the SOA record that is different than what is reported by DNS servers "hermes.ul.ie" and "source.cdi.ul.ie"
4.) The NS records do not match.

It will be necessary to ensure the zone serial numbers match, and that the NS records match; ideally, each authoritative DNS server should report matching zone data for the sub-domain ("cdi.ul.ie"). I would also consider escalating the issue to the server administrators that control the parent DNS zone ("ul.ie").

[mobcdi]

Hi cPanel Don,

Thanks for the debug. I contacted the domain admin and they checked the log of the 2nd NS which is saying my primary ns is refusing to transfer the zone

Code:

A zone transfer request for the secondary zone cdi.ul.ie was refused by the master DNS server at 193.1.101.122. Check the zone at the master server 193.1.101.122 to verify that zone transfer is enabled to this server.

Why would my DNS be refusing to transfer the zone and how do I correct it

[mobcdi]

Opened a new thread here
http://forums.cpanel.net/f5/dns-zone...tml#post594825

because the topic has changed