Join 3,551 readers in helping fund MetaFilter (Hide)


DNS MX record oddity - Hostgator related
March 26, 2013 7:08 AM   Subscribe

Can you explain why this IP address shows up with lookups for the MX records of these domains?

We have a few domains fncpark.com, oxfordparkcommission.com, oxfordms.net.

The fncpark.com and oxfordms.net domains have websites and DNS (they say they require this) hosted by HostGator. The oxfordparkcommission.com has a website hosted elsewhere (not HostGator) and DNS on NetworkSolutions. All 3 domains have email hosted on a local email server we maintain.

We run email through Barracuda's cloud control service before it hits our server. The MX records for each domain are along the lines of:
d16xxxxa.ess.barracudanetworks.com where the xxxx is different numbers according to the domain.

Ok, now if you go to MXtoolbox.com and check the MX record for oxfordparkcommission.com it shows:
mx:oxfordparkcommission.com
mx
Pref Hostname IP Address TTL
10 d16761a.ess.barracudanetworks.com 64.235.154.66 2 hrs
10 d16761b.ess.barracudanetworks.com 64.235.150.197 2 hrs

The "IP address" corresponds with the Barracuda servers. However if you do another lookup for fncpark.com (the one HostGator has webhosting and DNS for) we see:
mx:fncpark.com
mx
Pref Hostname IP Address TTL
10 d16748a.ess.barracudanetworks.com 174.120.150.130 4 hrs
10 d16748b.ess.barracudanetworks.com 174.120.150.130 4 hrs
The IP addresses are a HostGator address..? Why? I have contacted HostGator and not received a good answer on this.

Email appears to be working correctly so should I not be concerned? Is this just some quirky thing HostGator does?

Also - one last question - is it not possible to have DNS for our domains elsewhere and the webhosting at HostGator? Does anyone do this? HostGator keeps telling me they require DNS on their servers if they have the webhosting.
posted by dukes909 to Computers & Internet (2 answers total)
 
The short answer is that mxtoolbox.com is returning bad information. Don't trust that site. I could go into more detail about exactly how it's mis-parsing the DNS response, but it's really not very interesting. The IP addresses for the MX hosts for fncpark.com are 64.235.154.66 and 64.235.150.197, not the ones that mxtoolbox.com reported.
posted by 1970s Antihero at 7:26 AM on March 26, 2013 [1 favorite]


I did some diagnosis of the problem:
$ dig NS fncpark.com

; <<>> DiG 9.7.6-P1 <<>> NS fncpark.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49369
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;fncpark.com. IN NS

;; ANSWER SECTION:
fncpark.com. 85981 IN NS ns2065.hostgator.com.
fncpark.com. 85981 IN NS ns2066.hostgator.com.

$ dig @ns2066.hostgator.com MX fncpark.com

; <<>> DiG 9.7.6-P1 <<>> @ns2066.hostgator.com MX fncpark.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38992
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 4
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;fncpark.com. IN MX

;; ANSWER SECTION:
fncpark.com. 14400 IN MX 10 d16748a.ess.barracudanetworks.com.
fncpark.com. 14400 IN MX 10 d16748b.ess.barracudanetworks.com.

;; AUTHORITY SECTION:
fncpark.com. 86400 IN NS ns2065.hostgator.com.
fncpark.com. 86400 IN NS ns2066.hostgator.com.

;; ADDITIONAL SECTION:
d16748a.ess.barracudanetworks.com. 3600 IN A 174.120.150.130
d16748b.ess.barracudanetworks.com. 3600 IN A 174.120.150.130
ns2065.hostgator.com. 14400 IN A 174.120.150.130
ns2066.hostgator.com. 14400 IN A 174.120.150.131

$ dig A d16748a.ess.barracudanetworks.com

; <<>> DiG 9.7.6-P1 <<>> A d16748a.ess.barracudanetworks.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1135
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;d16748a.ess.barracudanetworks.com. IN A

;; ANSWER SECTION:
d16748a.ess.barracudanetworks.com. 300 IN A 64.235.150.197
d16748a.ess.barracudanetworks.com. 300 IN A 64.235.154.66

$ dig @ns2066.hostgator.com A d16748a.ess.barracudanetworks.com

; <<>> DiG 9.7.6-P1 <<>> @ns2066.hostgator.com A d16748a.ess.barracudanetworks.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63562
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;d16748a.ess.barracudanetworks.com. IN A

;; ANSWER SECTION:
d16748a.ess.barracudanetworks.com. 3600 IN A 174.120.150.130

;; AUTHORITY SECTION:
. 3600 IN NS ns2065.hostgator.com.
. 3600 IN NS ns2066.hostgator.com.

;; ADDITIONAL SECTION:
ns2065.hostgator.com. 14400 IN A 174.120.150.130
ns2066.hostgator.com. 14400 IN A 174.120.150.131

$ dig @ns2066.hostgator.com A jibberish.example.com

; <<>> DiG 9.7.6-P1 <<>> @ns2066.hostgator.com A jibberish.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52920
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;jibberish.example.com. IN A

;; ANSWER SECTION:
jibberish.example.com. 3600 IN A 174.120.150.130

;; AUTHORITY SECTION:
. 3600 IN NS ns2066.hostgator.com.
. 3600 IN NS ns2065.hostgator.com.

;; ADDITIONAL SECTION:
ns2065.hostgator.com. 14400 IN A 174.120.150.130
ns2066.hostgator.com. 14400 IN A 174.120.150.131
It looks like HostGator's DNS servers return some inaccurate information in the "Additional section" of their DNS response (it looks like they'll return a response of 174.120.150.130 for any A record request that they don't recognize -- probably some sort hack to support wildcard DNS). It won't be a problem for most DNS resolvers since most modern resolvers won't trust records in the "Additional Section" for which a DNS server is not authoritative as a countermeasure to DNS cache poisoning attacks. MXtoolbox.com is trusting this information when preparing their response, but they really shouldn't. I find this behavior on the part of HostGator DNS annoying enough that I wouldn't trust HostGator for DNS, but I tend to be too picky about this kind of thing.

As to your other questions, it is certainly possible to use a separate DNS provider from your web host, but not all web providers support it. I generally encourage it since it makes it much easier to switch hosting providers. I recommend EasyDNS for a DNS provider.
posted by RichardP at 7:51 AM on March 26, 2013 [4 favorites]


« Older What is the best compact umbre...   |  A con I help run has video art... Newer »
This thread is closed to new comments.