So I’ve been informed that there are some bizarre problems resolving a website that has recently changed providers from digiweb to novara (wasn’t my idea). From elsewhere the new site appears reliably, but from inside our network we are getting the following results:
andgal@nbgal185:~$ host -t any peracton.com peracton.com has SOA record ns1.novara.ie. hostmaster.host.ie. 2011080416 10800 3600 604800 14400 peracton.com name server ns1.novara.ie. peracton.com name server ns2.novara.ie. peracton.com name server ns3.nameserver.ie. peracton.com mail is handled by 10 smail3.host.ie. peracton.com has address 188.8.131.52 andgal@nbgal185:~$ host peracton.com peracton.com has address 184.108.40.206 peracton.com mail is handled by 10 mail2.hosting.digiweb.ie.
The first set of results is the “correct” one, so why is host (and nslookup, and dig, and firefox…) still going to the old address by default? I suspect it is something to do with cache locking on our Server 2008 DNS forwarder. It seems that even after I have forced a fresh request by using “-t any”, the stale cached A record is being returned for normal searches. This is apparently a security measure to protect against cache poisoning. It would appear that the TTL on the old A record was unusually long, which means that I had to flush the cache on the primary DNS forwarder (the backup DNS forwarder is fine, presumably because the old record was never in its cache).
Sure enough, running “dnscmd /clearcache” on the offending server fixed the problem.