Dns

For the last few years I’ve been using Gmail exclusively and have been forwarding email sent to @victortrac.com to my Gmail account. Google’s spam filters are the best I’ve ever seen, and the interface is elegant and fast. Combined with loads of storage and IMAP access, Gmail is nearly the perfect email application. The XMPP integration is just icing on the cake.

Because of these features, I voluntarily gave up having a customized email address on my personal domain to take advantage of Google’s infrastructure and technology. The decision was fairly easy: I was deluged with spam, and Gmail’s web client was better than any other thin or thick client available. By forwarding my domain’s email to my Gmail account, I was letting Google’s wonderful anti-spam technology work its magic. This allowed me to retain some use of my previous email address, but as I started to use XMPP (aka Jabber, or as Google calls it, Google Talk) I became more and more dependent on my Gmail identity. Sure, I had other Jabber IDs, but it was just too convenient having a unified email address and Jabber ID provided by Gmail.

However, let’s say that in five years Google shuts down or, more likely, another company comes along and provides a better service or product. By this time your Gmail identity has evolved into a unified presence, communications, and identification address where anyone can reach you at any time and is also your OpenID login to the majority of sites on the internet. If you’ve spent 10 years building this identity around a Gmail address, you’re not in a great position to easily transition. By using Google Apps on a domain that you own and control, you’ve at least separated the address from the services and would be able to move around as you want. It’s like being able to live all over the world, moving to where the grass is always greener, yet still always having a constant mailing address.

Getting it all to work

So today I registered and migrated victortrac.com to Google Apps, allowing me to use all of Google's great software on my personalized address. The registration process is really quick and simple, and the actual migration part is just a handful of DNS changes depending on what services you want to switch over to Google. For me it is just email and chat, and Google's documentation made it clear which MX servers I need to point my domain to.

For XMPP, however, the documentation isn’t very complete. According to this page, you need to add the following SRV records to your DNS server (replace gmail.com with your own domain):

_xmpp-server._tcp.gmail.com. IN SRV 5 0 5269 xmpp-server.l.google.com.
_xmpp-server._tcp.gmail.com. IN SRV 20 0 5269 xmpp-server1.l.google.com.
_xmpp-server._tcp.gmail.com. IN SRV 20 0 5269 xmpp-server2.l.google.com.
_xmpp-server._tcp.gmail.com. IN SRV 20 0 5269 xmpp-server3.l.google.com.
_xmpp-server._tcp.gmail.com. IN SRV 20 0 5269 xmpp-server4.l.google.com.
_jabber._tcp.gmail.com. IN SRV 5 0 5269 xmpp-server.l.google.com.
_jabber._tcp.gmail.com. IN SRV 20 0 5269 xmpp-server1.l.google.com.
_jabber._tcp.gmail.com. IN SRV 20 0 5269 xmpp-server2.l.google.com.
_jabber._tcp.gmail.com. IN SRV 20 0 5269 xmpp-server3.l.google.com.
_jabber._tcp.gmail.com. IN SRV 20 0 5269 xmpp-server4.l.google.com.
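
A check worth running on these records once gmail.com has been replaced with your own domain, as an added example that is not from the original post or from Google's documentation. It parses the zone lines, flags owner names that are not under the domain, and groups the targets by priority; the domain example.org, the function names and the shortened record set are assumptions made for the illustration.

```python
from collections import defaultdict

# Constructed sample: some of the page's records rewritten for the placeholder
# domain example.org, with one owner name deliberately left as gmail.com.
ZONE = """\
_xmpp-server._tcp.example.org. IN SRV 5 0 5269 xmpp-server.l.google.com.
_xmpp-server._tcp.example.org. IN SRV 20 0 5269 xmpp-server1.l.google.com.
_xmpp-server._tcp.example.org. IN SRV 20 0 5269 xmpp-server2.l.google.com.
_jabber._tcp.example.org. IN SRV 5 0 5269 xmpp-server.l.google.com.
_jabber._tcp.example.org. IN SRV 20 0 5269 xmpp-server1.l.google.com.
_jabber._tcp.gmail.com. IN SRV 20 0 5269 xmpp-server2.l.google.com.
"""

def parse_srv(text):
    """Yield (owner, priority, weight, port, target) from 'owner IN SRV ...' lines."""
    for line in text.splitlines():
        f = line.split()
        if len(f) == 7 and f[1:3] == ["IN", "SRV"]:
            yield f[0].lower(), int(f[3]), int(f[4]), int(f[5]), f[6].lower()

def audit(text, domain, services=("_xmpp-server._tcp", "_jabber._tcp")):
    """Return (ordered, problems) for the SRV records that belong to `domain`."""
    tiers = {s: defaultdict(list) for s in services}
    problems = []
    for owner, prio, _weight, port, target in parse_srv(text):
        service = next((s for s in services if owner.startswith(s + ".")), None)
        if service is None:
            continue
        if owner != f"{service}.{domain}.":
            # A record copied without rewriting the owner name is never
            # returned for a lookup under your own domain.
            problems.append(f"owner {owner} is not under {domain}")
            continue
        if not target.endswith("."):
            problems.append(f"target {target} is not fully qualified")
        tiers[service][prio].append((target, port))
    # The lowest priority value is tried first; higher values are fallbacks.
    ordered = {s: sorted((p, sorted(t)) for p, t in tiers[s].items())
               for s in services}
    first, *rest = services
    for s in rest:
        if ordered[s] != ordered[first]:
            problems.append(f"{s} and {first} list different targets")
    return ordered, problems
```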

The _xmpp-server._tcp and _jabber._tcp SRV records tell the requesting server to look at Google’s XMPP servers when there’s an XMPP request. There are two minor problems here:


For a few days now, I’ve been unable to reach http://de.php.net, not because the site has been down but because of incorrect DNS configuration by de.php.net’s German host. When you request a PHP manual page, PHP.net geo-locates your IP address and redirects you to your closest PHP.net mirror.

If you take a look, de.php.net is actually a CNAME for php3.globe.de, whose zone (globe.de) is in turn served authoritatively by ns1.dns-service.net. The problem is that ns1.dns-service.net doesn’t have a record for php3.globe.de:

Searching for de.php.net A record at k.root-servers.net [193.0.14.129]: Got referral to d.gtld-servers.net. (zone: net.) [took 48 ms]
Searching for de.php.net A record at d.gtld-servers.net. [192.31.80.30]: Got referral to ns1.easydns.com. (zone: php.net.) [took 42 ms]
Searching for de.php.net A record at ns1.easydns.com. [216.220.40.243]: Got CNAME of php3.globe.de. and referral to m.root-servers.net [took 76 ms]
Searching for php3.globe.de A record at c.root-servers.net [192.33.4.12]: Got referral to C.DE.NET. (zone: de.) [took 36 ms]
Searching for php3.globe.de A record at C.DE.NET. [208.48.81.43]: Got referral to ns1.dns-service.net. (zone: globe.de.) [took 46 ms]
Searching for php3.globe.de A record at ns1.dns-service.net. [212.124.35.10]: Reports that no A records exist. [took 133 ms]
Response: No A records exist for php3.globe.de, and php3.globe.de does not exist. [Neg TTL=86400 seconds]
Details: ns1.dns-service.net. (an authoritative nameserver for globe.de.) says that there are no A records for php3.globe.de, and that the hostname php3.globe.de does not exist. The E-mail address in charge of the globe.de. zone is: guardian@globe.de.
NOTE: One or more CNAMEs were encountered. de.php.net is really php3.globe.de.

Normally, when the master nameserver is non-functional, DNS queries should fail over to the slave nameservers and pages are served normally. However, in this case the master nameserver is fully functional; it just doesn’t have a record for php3.globe.de. What’s funny is that the secondary nameservers for globe.de, ns2.dns-service.net and ns3.dns-service.net, have the correct A record for php3.globe.de, which means that the servers’ zone serial numbers are off and master-to-slave propagation isn’t happening correctly.
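
One way to turn this diagnosis into a repeatable check, as an added example that is not part of the original post: compare the SOA serial and the A answer that each authoritative nameserver gives for the same name. The nameserver names, serials and addresses below are constructed placeholders, not globe.de's real data, and the function names are made up for the illustration.

```python
# Constructed observations, one per authoritative nameserver, as you would
# collect them by querying each server directly for the zone's SOA record and
# the host's A record. 192.0.2.0/24 is a documentation-only address range.
OBSERVED = [
    {"ns": "ns1.example.net", "role": "primary",   "serial": 2007010101, "a": []},
    {"ns": "ns2.example.net", "role": "secondary", "serial": 2007010305, "a": ["192.0.2.10"]},
    {"ns": "ns3.example.net", "role": "secondary", "serial": 2007010305, "a": ["192.0.2.10"]},
]

def serial_newer(a, b):
    """RFC 1982 serial arithmetic: True if 32-bit serial a is newer than b.

    Serials wrap around, so a plain a > b is wrong near 2**32. A difference of
    exactly 2**31 is undefined by the RFC and reported here as "not newer".
    """
    return a != b and (a - b) % 2**32 < 2**31

def audit_zone(observed):
    """Return (nameserver, finding) pairs for secondaries that disagree with the primary."""
    primary = next(o for o in observed if o["role"] == "primary")
    findings = []
    for o in observed:
        if o is primary:
            continue
        if serial_newer(primary["serial"], o["serial"]):
            # The secondary has not picked up the primary's latest zone.
            findings.append((o["ns"], "serial-behind-primary"))
        elif serial_newer(o["serial"], primary["serial"]):
            # The primary is serving an older zone than its secondaries.
            findings.append((o["ns"], "serial-ahead-of-primary"))
        if sorted(o["a"]) != sorted(primary["a"]):
            # Resolvers get a different answer depending on which server they ask.
            findings.append((o["ns"], "answer-differs-from-primary"))
    return findings
```

Equal serials with differing answers would be reported as `answer-differs-from-primary` alone, which points at a zone edited without a serial bump rather than at a failed transfer.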

I’ve easily solved my problem by just adding the correct entry into my local machine’s hosts file, but I shouldn’t have to do this (nor does this fix the problem for everyone else in Germany). This just goes to show that DNS can be complicated and even the pros mess up every once in a while.

Update

It seems to be working today. It took three days after I posted before someone at Globe.de noticed the problem and added the correct DNS entry.