Why is Denic not accepting my nameservers?

Posted by Oliver Salzburg on Server Fault See other posts from Server Fault or by Oliver Salzburg
Published on 2012-07-05T18:31:16Z Indexed on 2012/07/05 21:18 UTC
Read the original article Hit count: 384

Filed under:
|

I'm currently in the process of moving all of our domains to our own nameservers. Which wasn't an issue until I hit our own .de domain. I (think I) understand the implications of having the NS inside it's own domain, hence the need for glue records.

Until yesterday, I would have assumed I have a pretty good understanding of Bind and DNS zones until I was presented with this error from the Denic nameserver predelegation check:

Inconsistent set of nameserver IP addresses (NS, provided glues, determined glues)

  • ns2.hartwig-at.de
  • [88.198.242.190/88.198.242.190]
  • Default resolver determined: [], other resolvers determined: {88.198.242.190/88.198.242.190=[/2a01:4f8:d13:3c85:0:0:0:2, /88.198.242.190]}

Inconsistent set of nameserver IP addresses (NS, provided glues, determined glues)

  • ns1.hartwig-at.de
  • [cloud.hartwig-at.de/176.221.46.23]
  • Default resolver determined: [], other resolvers determined: {cloud.hartwig-at.de/176.221.46.23=[/2a00:1158:3:0:0:0:0:b6, /176.221.46.23]}

Screenshot of the result

The support of my registrar is either far better educated than me or doesn't have a clue. Either way, they're avoiding my questions in regards to what this error means. They just tell me

Your nameserver has to return your own nameservers as the default resolver.

But that doesn't make any sense to me and they refuse to try to explain it any other way.

This is the head of my current zone file:

@               86400   IN SOA          ns1.hartwig-at.de. hostmaster.hartwig-at.de. (
                                        2012070505 ; serial
                                        1d         ; refresh
                                        3h         ; retry
                                        4w         ; expiry
                                        1h )       ; minimum

                3600    IN NS           ns1.hartwig-at.de.
                3600    IN NS           ns2.hartwig-at.de.

                3600    IN MX 10        remote.hartwig-at.de.
                3600    IN MX 20        mx1.hartwig-at.de.
                3600    IN MX 30        mx2.hartwig-at.de.

localhost       3600    IN A            127.0.0.1
localhost       3600    IN AAAA         ::1
@               3600    IN A            176.221.46.23
                3600    IN AAAA         2a00:1158:3::b6
*               3600    IN A            176.221.46.23
                3600    IN AAAA         2a00:1158:3::b6

hetzner         3600    IN A            88.198.242.190
hetzner         3600    IN AAAA         2a01:4f8:d13:3c85::2
cloud           3600    IN A            176.221.46.23
cloud           3600    IN AAAA         2a00:1158:3::b6

; List all NS as A/AAAA record
ns              3600    IN A            176.221.46.23
ns              3600    IN AAAA         2a00:1158:3::b6
ns1             3600    IN A            176.221.46.23
ns1             3600    IN AAAA         2a00:1158:3::b6
ns2             3600    IN A            88.198.242.190
ns2             3600    IN AAAA         2a01:4f8:d13:3c85::2

So, what is the problem with my zone? And what is the "default resolver"?

© Server Fault or respective owner

Related posts about dns

Related posts about bind