DNS check fails due to missing SOA records

[geyser.too82]

Hello,

The name servers ns1.x10hosting.com and ns2.x10hosting.com fail the ZoneCheck test implemented by AFNIC, and performed automatically by my French registrar ("BookMyName.com" a.k.a. "Online.net").

Here is the test: http://www.afnic.fr/outils/zonecheck_en
When run by the domain's control panel, ZoneCheck reports a missing SOA record on either ns1.x10hosting.com or ns2.x10hosting.com, which is apparently a fatal error.
The exact wording of the error is "Aucun enregistrement SOA présent sur le serveur" ("No SOA record present on the server"), followed by either "ns1.x10hosting.com/99.198.122.2" or "ns2.x10hosting.com/173.236.27.195".
When run from AFNIC's site the fatal error is still there, either for ns1.x10hosting.com or ns2.x10hosting.com but the wording is "Impossible de trouver d'enregistrement SOA pour ce domaine" ("The SOA record for this domain can not be found").
If I run ZoneCheck on the x10.hosting.com domain (from AFNIC's site again), I get a different error. It says, for ns1.x10hosting.com/99.198.122.2, that "the value of the 'retry' field must be less than that of the 'refresh' field". They refer to ftp://ftp.ietf.org/rfc/rfc1912.txt and say that in your case 'retry' is 2 hours and 'refresh' is only 1 hour. I have no idea what to think of all this.

On another support thread I've seen a link to http://who.is/dns/x10hosting.com/, which suggests that some kind of SOA record IS present. Perhaps it does not quite conform to the standards as implemented in AFNIC's test? Same question about 'refresh' and 'retry', and possibly other things. I haven't tried running ZoneCheck in advanced mode, so it bails out after the first fatal error. They are clearly being over-zealous, but AFNIC's authority is something that I can't really question.

Anyway, the domain's control panel runs ZoneCheck automatically. I can't tweak the test, and the domain providers (whom I've contacted) apparently don't want to tweak it either (because it's a standard). They told me, rather bluntly, "Vous devez contacter votre hébergeur." ("You must contact your host.") Apparently, they mean that the only way to get my domain to point to your servers is for your servers to comply with AFNIC's ZoneCheck.

Q1)
Ideally, I'd like your DNS to pass the SOA test, which seems to be the regular procedure. What do you think of the ZoneCheck test, of the missing SOA record, and of a possible fix?

Q2)
Alternatively, I've seen an old thread that discusses the same problem and possibly contains a workaround from user adrenlinerush:
http://x10hosting.com/forums/free-hosting/108409-nameserver-problems-please-help.html
http://x10hosting.com/forums/free-hosting/108409-nameserver-problems-please-help.html#post619262
http://x10hosting.com/forums/free-hosting/108409-nameserver-problems-please-help.html#post619886

so basically wherever you're going to host your dns (nameserver) get the addresses from them ... something like ns1.zoneedit.com or ns1.x10hosting.com etc... set the name server at the Registrar and then then at the nameserver set the SOA (if it doesn't do it automatically) then create an ARecord for the host (web server) and probably want a MX (mail entry) or a Mail Forwarder...

where did you buy the domain from? if they have dns available free with the domain just use theirs... add it into the addon or parked domains in cpanel and then add the ip of your server found on the left of the main cpanel page to arecord for what you added as an addon or parked domain...

Unfortunately, I'm not sure I understand those instructions. Could someone reword them more systematically? My domain's control panel has a lot of settings, but I have zero experience and wouldn't like to mess anything up.

 

[misson]

You've left out a crucial piece of information: what's your domain?

On another support thread I've seen a link to http://who.is/dns/x10hosting.com/, which suggests that some kind of SOA record IS present.

x10hosting.com has an SOA record, it's your site that doesn't. Try setting up the domain (as your main domain, a parked domain or add-on domain), then running the test again.

 

[geyser.too82]

Thanks for the support. I'm still a bit confused, though.

My domain is a top-level .FR, called bards.fr
I initially intended to "park" it onto ksp.x10.mx

However, setting up an "add-on" or "parked" domain through x10hosting's cPanel does not work (the operation fails with an error message that I don't quite remember) unless the domain's DNS have already been changed to ns1.x10hosting.com and ns2.x10hosting.com

On the other hand, the domain's DNS could not be changed to ns1.x10hosting.com and ns2.x10hosting.com (because of the SOA error reported by AFNIC's ZoneCheck test, which I already described in my first post) unless something was done on x10hosting's side first.

That leaves us with the "main domain" setting. It's quite different from the other two: it's outside the cPanel interface, for one thing, and other hosts that I've seen don't have such a feature at all (the usual procedure seems to be to change the DNS domain-side, then "park").

Anyway, I was apparently able to set the "main domain" of my x10hosting account to bards.fr, replacing ksp.x10.mx - as opposed to "parking" it onto ksp.x10.mx through the cPanel. This completely removed ksp.x10.mx, and apparently created some SOA records.

Now the nameservers ns1.x10hosting.com and ns2.x10hosting.com somehow pass AFNIC's test (with a couple of warnings), and we'll see how it goes when the DNS are updated. At the time of writing, bards.fr still redirects to the old host, which was my previous setting.

There are two or three things that still bother me.

First, I was able to set "bards.fr" as the main domain of my x10hosting account, without any kind of verification as for whether I actually own "bards.fr" or not. If some other guy registered an x10hosting account, and wanted to set up "bards.fr" as his "main domain", he'd be able to do so. Is this normal?

(I'm asking because it's the first time that I see such a "main domain" feature. My previous host doesn't have anything like it.)

Second, it is apparently impossible (at least in my case) to carry out the regular procedure of "parking" a domain onto a second-level domain such as ksp.x10.mx, because of a "chicken-and-egg" problem (x10hosting can't complete the parking operation unless the domain's DNS are already set to ns1.x10hosting.com and ns2.x10hosting.com, whereas the domain's control panel doesn't let me set the DNS, reporting a missing SOA). Is this normal?

From the above, it seems that the documentation on your wiki ( http://x10hosting.com/wiki/How_to_Use_Your_Own_Domain#Main_Domain ) is wrong in at least one respect:

Before you begin, make sure your domain is pointed to the correct nameservers:

• ns1.x10hosting.com
• ns2.x10hosting.com

Now, this is true for "parked" domains (and that's why I couldn't "park" bards.fr onto ksp.x10.mx without setting un the domain's DNS first). But the "main domain" feature works as I described above (correct me if I'm wrong): it does not require the domain's DNS to be set to ns1.x10hosting.com and ns2.x10hosting.com; it sets some records which allow those nameservers to pass the AFNIC test. So in this case it works the other way around, as compared to the typical "parking" procedure. Is this normal?

(What I mean is, I have no idea whether this is the right way to deal with the SOA problem, or merely a workaround. I can't complain since it sort of works, but I'd appreciate some technical insight.)

Last but not least, my second-level domain, ksp.x10.mx, was removed when I changed my "main domain" to bards.fr, and now I have no idea how I'm supposed to access my site through FTP... Until now I had been uploading onto ksp.x10.mx, but now that it's gone, I'm a bit confused: where am I supposed to put my site's files now?

Thanks a lot.

---------- Post added at 11:50 PM ---------- Previous post was at 03:30 PM ----------

Update. The DNS change is now effective, and bards.fr is working normally.
FTP also works, although using bards.fr as an FTP host is a bit unexpected.

I'm still curious about the technical aspects of this "main domain" feature.

1) Is it OK that anyone at all can set up "bards.fr" as their "main domain"? I can't really complain that it worked, but shouldn't there have been some kind of verification?

2) Is it OK that setting up "bards.fr" as a "main domain" was the only solution that actually worked? I mean, "parking" bards.fr onto ksp.x10.mx requires the domain's DNS to be set to ns1.x10hosting.com and ns2.x10hosting.com, first - and when I tried that I ran into the SOA error. So I'm just asking - is it normal that "parking" didn't work, leaving the "main domain" as my only option?

3) Maybe I'm supposed to set a "main domain" once (removing the free second-level domain, in my case, ksp.x10.mx), then un-set the main domain (with the domain's DNS already pointing to ns1.x10hosting.com and ns2.x10hosting.com), setting it back to ksp.x10.mx or wherever, and then, finally, park bards.fr onto ksp.x10.mx? Is that how it's supposed to work?

Thanks for your patience

 

[masshuu]

1) Generally the nameservers have to be pointed to x10 for it to work. Only the owner can set this, thus it is enough verification. Should someone other than the owner set up a parked/addon/main domain, it would not work unless the nameservers were pointing to x10.

2) This is in its self a bit of a security feature, if the nameservers do not point to x10, then we can't grantee they own it. It is a bit odd that the main domain doesn't have this. I do see issues where people cannot park or add their domain, as they can't set nameservers until a proper entry is returned for it. In this case, simply opining a ticket, an admin can add it to your accout manually.

3) See 2: You can request an admin to add it manually.

 

[geyser.too82]

For what it's worth, here's my understanding of just what is going on here. Correct me if I'm wrong.

The "main domain" of a x10hosting account can be changed to anything at all ("kremlin.ru" will probably work, and maybe even "shpadoinkle.gov"), without the DNS of said domain pointing to x10 yet.
This will be useless to anyone who doesn't actually own those domains, but it still "hogs" the said domain on x10hosting's side, and will keep the actual owner from setting up his account in the same way.
Such situations, should they ever occur, can probably be resolved by the admins, and in no time at all - but still I think it doesn't hurt to point out the feature as being potentially troublesome.

Perhaps it would help if we understood just what the "main domain" setting actually does. Is one of its effects to "set some extra SOA records", which allow x10hosting's DNS to pass the domain's validation schemes?
Then maybe there should be a separate button that does Just That ("add some records"), without renaming the free domain associated with the account? And then, as a second step, the "main domain" setup proper?

Of course, there's nothing wrong with letting the admins take care of the mess, but it's not like there has to be a mess to begin with...

That said, I'm quite happy with x10 so far. Let's just hope I don't run into the "30-days-without-a-forum-login" limitation this summer

P.S. Say, masshuu, if you're into anime, feel free to check out oni2.net and oni.bungie.org (I hope there's no rule against such links).

 

[misson]

Second, it is apparently impossible (at least in my case) to carry out the regular procedure of "parking" a domain onto a second-level domain such as ksp.x10.mx, because of a "chicken-and-egg" problem (x10hosting can't complete the parking operation unless the domain's DNS are already set to ns1.x10hosting.com and ns2.x10hosting.com, whereas the domain's control panel doesn't let me set the DNS, reporting a missing SOA). Is this normal?

It's atypical. Most registrars don't check that a domain is properly configured on a name server before setting that name server as the authoritative server.

FTP also works, although using bards.fr as an FTP host is a bit unexpected.

bards.fr is your host name, so using it when connecting via FTP should make sense. You can also use ftp.bards.fr, though it's just a CNAME for bards.fr.

The "main domain" of a x10hosting account can be changed to anything at all [...] but still I think it doesn't hurt to point out the feature as being potentially troublesome.

Completely correct.

Perhaps it would help if we understood just what the "main domain" setting actually does.

In terms of configuration, I believe it's very similar to an add-on domain. For one, it sets up the necessary DNS records. Testing on my domain with "dig -t AXFR @ns1.x10hosting.com $domain", both my main and parked domain have SOA, MX, NS and A records, as well as a few CNAME records for www, mail and ftp subdomains. My main domain has A records for additional sub-domains (e.g. cpanel), though these are absent from "bards.fr". In terms of DNS, there isn't much difference between a main and auxiliary domain.

Secondly, it sets up a virtual host. This is where you may see a difference between a main and auxiliary domain. "VirtualHosts, Parked Domains, Subdomains, Addon Domains, and Symlinking" outlines one approach, where the main domain is set using the ServerName directive and add-on and parked domains are added using ServerAlias. I believe X10 currently uses dynamically configured mass virtual hosting (which doesn't use a VirtualHost section for each host), which (depending on implementation) may mean there is no difference in web server configuration between main and auxiliary domains.

There are additional configuration tasks (e.g. e-mail configuration) that may also differ between main and auxiliary domains.

Then maybe there should be a separate button that does Just That ("add some records"), without renaming the free domain associated with the account? And then, as a second step, the "main domain" setup proper?

The configuration system potentially could set up a zone file with SOA and NS records for the domain. However, this has the potential for abuse and may not even work, depending on what other tests your registrar runs on the domain. It also adds complexity that isn't generally needed. In the end, it's probably not worth it. You could take the course you mentioned in question 3 of changing the main domain, then configuring the domain with your registrar, then changing the domain back and adding the domain as an auxiliary domain.

 

[geyser.too82]

Great end to a great thread.
Much thanks to both of you.

 

[geyser.too82]

I'm just posting this to avoid the suspension of my free x10hosting account. Hopefully someone can confirm that I'm doing everything right.

Today (June 1) I received a warning saying I've been away from the forum for 51 days. That's a bit strange and scary, because I've been doing my best to comply with the rule of monthly logins, ever since I received the first such warning (April 11). Actually, I'm trying to log in every two weeks, and I most definitely logged in this weekend.

(As for the first warning, I plead guilty - being new to x10hosting, I almost certainly did forget to log in the first days of April. But in the present case, I have no idea where the "51 days" come from.)

Could it be that the forum engine doesn't register a login unless it occurs via the front page?
For example, this link: http://x10hosting.com/forums/newreply.php?do=postreply&t=149630
If I follow it while logged out of the forums, I'm prompted for a login. Does that login count?

 

[masshuu]

Generally simply logging in should work.
If you look here: http://x10hosting.com/forums/members/geyser-too82.html and see Last Activity, that should update.