DNS A-Record

togo

New Member
Hallo Forum,

folgende Voraussetzungen sind bei mir gegeben.

Ich habe eine feste IP von der T-Com. Bei der T-Com ist eine Domain mit dabei. Der A-Record der Domain , laut meinem Antrag (*), ist auf die feste IP umgestellt.

www.domain.de und domain.de werden auch aufgelöst.

Der ISPConfig Server steht hinter einer m0n0wall, TCP/UDP Port 53, wird an den Webserver durchgereicht.

DNS Zone domian.de ist eingerichtet, zusätzliche A-Records eingetragen.

Nun zu meinem Problem. Es sind keine Subdomain von extern erreichbar.

Intern kein Problem.

Hier mal die infos von dns-health

Domain NS records Nameserver records returned by the parent servers are:

dns02-tld.t-online.de ['217.237.160.27'] (NO GLUE) [TTL=86400]
dns01-tld.t-online.de ['212.185.250.107'] (NO GLUE) [TTL=86400]

a.nic.de. was kind enough to give us that information.
Pass TLD Parent Check Good. a.nic.de., the parent server I interrogated, has information for your TLD.
Pass Your nameservers are listed Good. The parent server a.nic.de. has your nameservers listed. This is a must if you want to be found as anyone that does not know your DNS servers will first ask the parent nameservers.
DNS Parent sent Glue The parent nameserver a.nic.de. is not sending out GLUE for every nameservers listed, meaning he is sending out your nameservers host names without sending the A records of those nameservers. It's ok but you have to know that this will require an extra A lookup that can delay a little the connections to your site. This happens a lot if you have nameservers on different TLD (domain.com for example with nameserver ns.domain.org.)
Nameservers A records Good. Every nameserver listed has A records. This is a must if you want to be found.
NS Info NS records from your nameservers NS records got from your nameservers listed at the parent NS are:

dns01-tld.t-online.de ['212.185.250.107'] [TTL=86400]
dns02-tld.t-online.de ['217.237.160.27'] [TTL=86400]

Pass Recursive Queries Good. Your nameservers (the ones reported by the parent server) do not report that they allow recursive queries for anyone.
Pass Same Glue Hmm,I do not consider this to be an error yet, since I did not detect any nameservers at your nameservers
Pass Glue for NS records OK. When I asked your nameservers for your NS records they also returned the A records for the NS records. This is a good thing as it will spare an extra A lookup needed to find those A records.
Error Mismatched NS records OK. The NS records at all your nameservers are identical.
Error DNS servers responded Good. All nameservers listed at the parent server responded.
Pass Name of nameservers are valid OK. All of the NS records that your nameservers report seem valid.
Error Multiple Nameservers Good. You have multiple nameserversAccording to RFC2182 section 5 you must have at least 3 nameservers, and no more than 7. Having 2 nameservers is also ok by me.
Pass Nameservers are lame OK. All the nameservers listed at the parent servers answer authoritatively for your domain.
Pass Missing nameservers reported by parent OK. All NS records are the same at the parent and at your nameservers.
Pass Missing nameservers reported by your nameservers OK. All nameservers returned by the parent server a.nic.de. are the same as the ones reported by your nameservers.
Pass Domain CNAMEs OK. RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present.
Pass NSs CNAME check OK. RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present.
Pass Different subnets OK. Looks like you have nameservers on different subnets!
Pass IPs of nameservers are public Ok. Looks like the IP addresses of your nameservers are public. This is a good thing because it will prevent DNS delays and other problems like
Pass DNS servers allow TCP connection OK. Seems all your DNS servers allow TCP connections. This is a good thing and useful even if UDP connections are used by default.
Pass Different autonomous systems OK. It seems you are safe from a single point of failure. You must be careful about this and try to have nameservers on different locations as it can prevent a lot of problems if one nameserver goes down.
Pass Stealth NS records sent Ok. No stealth ns records are sent
SOA SOA record The SOA record is:
Primary nameserver: dns01-tld.t-online.de
Hostmaster E-mail address: dnsadmin.nic.dtag.de
Serial #: 2014081201
Refresh: 21600
Retry: 3600
Expire: 604800 7 days
Default TTL: 86400
NSs have same SOA serial OK. All your nameservers agree that your SOA serial number is 2014081201.
Pass SOA MNAME entry OK. dns01-tld.t-online.de That server is listed at the parent servers. dns01-tld.t-online.de That server is listed at the parent servers.
Pass SOA Serial Your SOA serial number is: 2014081201 . This appears to be in the recommended format of YYYYMMDDnn.
Pass SOA REFRESH OK. Your SOA REFRESH interval is: 21600 . That is OK But recomended range is 1200-43200
Pass SOA RETRY Your SOA RETRY value is: 3600 . Looks ok But recomended range is 180-900
Pass SOA EXPIRE Your SOA EXPIRE number is: 604800 seconds.Looks ok But recomended range is 1209600-2419200 seconds
Pass SOA MINIMUM TTL Your SOA MINIMUM TTL is: 86400 seconds. This value was used to serve as a default TTL for records without a given TTL value and now is used for negative caching (indicates how long a resolver may cache the negative answer). RFC2308 recommends a value of 1-3 hours. Your value of 86400 seconds is OK.
MX Info MX Records Your MX records that were reported by your nameservers are:

20 smtp-02.tld.t-online.de [194.25.134.12] [194.25.134.12]
10 smtp-01.tld.t-online.de [194.25.134.76] [194.25.134.76]

[These are all the MX records that I found. If there are some non common MX records at your nameservers you should see them below. ]
Warning Different MX records at nameservers The MX records that are not the same at all your nameservers:

dns01-tld.t-online.de returned the following:
smtp-02.tld.t-online.de [194.25.134.12]
smtp-01.tld.t-online.de [194.25.134.76]

dns02-tld.t-online.de returned the following:
smtp-01.tld.t-online.de [194.25.134.76]
smtp-02.tld.t-online.de [194.25.134.12]
It is better to have the same MX records at all your nameservers!
Pass MX name validity Good. I did not detect any invalid hostnames for your MX records.
Pass MX IPs are public OK. All of your MX records appear to use public IPs.
Pass MX CNAME Check OK. No problems here.
Pass MX A request returns CNAME OK. No problems here.
Pass MX is not IP OK. All of your MX records are host names.
Pass Number of MX records OK. Looks like you have multiple MX records. However some of your MX records are not common at all your nameservers. This seems bad but if you know what are you doing it's ok.
Pass Mismatched MX A OK. I did not detect differing IPs for your MX records. --not doen
Pass Duplicate MX A records OK. I have not found duplicate IP(s) for your MX records. This is a good thing.
Pass Reverse MX A records (PTR) Your reverse (PTR) record:
12.134.25.194.in-addr.arpa -> smtp-02.tld.t-online.de
76.134.25.194.in-addr.arpa -> smtp-01.tld.t-online.de
You have reverse (PTR) records for all your IPs, that is a good thing.
WWW Info WWW A Record Your www.domain.de A record is:
www.domain.de ->[xxx.139.xxx.197]

Pass IPs are public OK. All of your WWW IPs appear to be public IPs.
Pass WWW CNAME OK. No CNAME


Jemeand eine Idee?


Grüße

Tom
 
Zuletzt bearbeitet:

Till

Administrator
Wenn die Domain bei der tcom ist, dann kannst Du keinen eigenen DNS Server für diese Domain betreiben, denn dann befindet sich die Zone in der Verwaltung der tcom, Du must also dns Änderugen bei der tcom machen und darfst die zone nicht in Deinem lokalen DNS anlegen.
 

Werbung

Top