DNS Issues

Mike_Moglin · August 14, 2001, 1:37am

I need some help in understand this one…

A disgruntled employee set up duplicate DNS for our domain on his personal server and convinced uu.net to update their DNS records to point to his server as our secondary DNS server. The record on his server has a different serial number than ours does, and we’ve contacted uu.net to point the domain back where it belonged.

The question is how do I get the records to propagate rapidly?? he set the expire time on the records he sent out extremely high. Is there a way to force an update?? And what do the serial numbers really do?

Thanks.

Patrick_Greenwell1 · August 14, 2001, 1:49am

I need some help in understand this one..

A disgruntled employee set up duplicate DNS for our domain on his personal
server and convinced uu.net to update their DNS records to point to his
server as our secondary DNS server. The record on his server has a
different serial number than ours does, and we've contacted uu.net to
point the domain back where it belonged.

The question is how do I get the records to propagate rapidly?? he set the
expire time on the records he sent out extremely high. Is there a way
to force an update??

You can't push an update to other peoples caches, so people who
made requests against records in your zone during the time the
nameservers pointed to his server will continue to go to his server
until the timeout period or they clear their caches.

And what do the serial numbers really do?

It's used to determine if a slave is in sync with a master.

Mark_Radabaugh · August 14, 2001, 3:13am

Your pretty much screwed as far as getting the cached responses fixed -
it depends on the providers with the (bad) cached records clearing the
cache (reboot or restart) or the cache timing out.

Since this was obviously illegal if you can get his IP routed to your
nameserver or just shutdown then it won't really matter that he has a
pointer to his name server - the resolvers will just decide the
secondary is down and look for another name server.

Mark Radabaugh
Amplex
(419) 833-3635

Jon_Lewis1 · August 14, 2001, 4:31am

You don't. AFAIK, the only way would be to get everyone to restart their
name servers. Not likely. Talk to your lawyer and the cops and make the
disgruntled ex-employee pay. I've seen people do this sort of thing out
of stupidity (typo an address, and reload the zone with an inconveniently
long TTL), but it's a great way to screw someone if you can pull it off.