<html><head></head><body><div style="color:#000; background-color:#fff; font-family:garamond, new york, times, serif;font-size:13px"><div id="yiv7408962830"><div id="yui_3_16_0_1_1450881113031_15330"><div style="color:#000;background-color:#fff;font-family:garamond, new york, times, serif;font-size:13px;" id="yui_3_16_0_1_1450881113031_15329"><div id="yiv7408962830"><div id="yiv7408962830yui_3_16_0_1_1450881113031_12191"><div id="yiv7408962830yui_3_16_0_1_1450881113031_12190" style="color:#000;background-color:#fff;font-family:garamond, new york, times, serif;font-size:13px;"><div id="yiv7408962830"><div id="yiv7408962830yui_3_16_0_1_1450884935666_8950"><div id="yiv7408962830yui_3_16_0_1_1450884935666_8949" style="color:#000;background-color:#fff;font-family:garamond, new york, times, serif;font-size:13px;"><div id="yiv7408962830yui_3_16_0_1_1450881113031_3053"><div id="yiv7117842403yui_3_16_0_1_1450881113031_3053" class="">Thanks for you replies. </div><div id="yiv7117842403yui_3_16_0_1_1450881113031_3053" class=""><br></div><div id="yiv7117842403yui_3_16_0_1_1450881113031_3053" class="">@Brain,</div><div id="yiv7117842403yui_3_16_0_1_1450881113031_3053" class="">I understand this not a proper implementation. But this  setup is running from years, until this week we didn't face any similar problem . Infact another domain of ours having ns boxes in same subnet not facing any similar issue. <br clear="none" id="yui_3_16_0_1_1450881113031_15397" class=""></div><div id="yiv7117842403yui_3_16_0_1_1450881113031_3053" class=""><br clear="none" id="yui_3_16_0_1_1450881113031_15400" class=""></div><div class="" id="yiv7117842403yui_3_16_0_1_1450881113031_3053">[root@Jasim ~]# host -t ns btraccl.com</div><div class="" id="yiv7117842403yui_3_16_0_1_1450881113031_3053">btraccl.com name server ns2.aknetbd.com.</div><div class="" id="yiv7117842403yui_3_16_0_1_1450881113031_3053">btraccl.com name server ns1.aknetbd.com.</div><div class="" id="yiv7117842403yui_3_16_0_1_1450881113031_3053">[root@Jasim ~]# host ns1.aknetbd.com</div><div class="" id="yiv7117842403yui_3_16_0_1_1450881113031_3053">ns1.aknetbd.com has address 221.120.96.2</div><div class="" id="yiv7117842403yui_3_16_0_1_1450881113031_3053">[root@Jasim ~]# host ns2.aknetbd.com</div><div class="" id="yiv7117842403yui_3_16_0_1_1450881113031_3053">ns2.aknetbd.com has address 221.120.96.3</div><div class="" id="yiv7117842403yui_3_16_0_1_1450881113031_3053"><br clear="none" id="yui_3_16_0_1_1450881113031_15410" class=""></div><div class="" dir="ltr" id="yiv7117842403yui_3_16_0_1_1450881113031_3053"><a rel="nofollow" shape="rect" id="yiv7117842403yui_3_16_0_1_1450881113031_4123" target="_blank" href="https://www.whatsmydns.net/#A/btraccl.com" class="">https://www.whatsmydns.net/#A/btraccl.com</a><br clear="none" id="yui_3_16_0_1_1450881113031_15414" class=""></div><div id="yiv7117842403yui_3_16_0_1_1450881113031_3053" class=""><br clear="none" id="yui_3_16_0_1_1450881113031_15417" class=""></div><div class="" dir="ltr" id="yiv7117842403yui_3_16_0_1_1450881113031_3823">@Suman,</div><div class="" dir="ltr" id="yiv7117842403yui_3_16_0_1_1450881113031_3823">No, we aren't using multiple zone files for different ip blocks. </div><div class="" dir="ltr" id="yiv7117842403yui_3_16_0_1_1450881113031_3752"><br></div><div class="" dir="ltr" id="yiv7117842403yui_3_16_0_1_1450881113031_3752"><br clear="none" id="yui_3_16_0_1_1450881113031_15427" class=""></div><div class="" dir="ltr" id="yiv7117842403yui_3_16_0_1_1450881113031_3752">Regards,</div><div class="" dir="ltr" id="yiv7117842403yui_3_16_0_1_1450881113031_3752">Jasim</div></div><div class="yiv7408962830qtdSeparateBR" id="yiv7408962830yui_3_16_0_1_1450884935666_8985"><br clear="none"></div><div class="yiv7408962830yqt8446841327" id="yiv7408962830yqt30907"></div></div></div></div><div class="yiv7408962830yqt4566090389" id="yiv7408962830yqt35450"><div class="yiv7408962830yqt5288424636" id="yiv7408962830yqt10978"><div id="yiv7408962830yui_3_16_0_1_1450881113031_12361"> <div id="yiv7408962830yui_3_16_0_1_1450881113031_12360" style="font-family:garamond, new york, times, serif;font-size:13px;"> <div id="yiv7408962830yui_3_16_0_1_1450881113031_12359" style="font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;font-size:16px;"> <div dir="ltr" id="yiv7408962830yui_3_16_0_1_1450881113031_12366"><font id="yiv7408962830yui_3_16_0_1_1450881113031_12365" size="2" face="Arial"> On Wednesday, December 23, 2015 3:40 PM, Brian Candler <brian@nsrc.org> wrote:<br clear="none"></font></div>  <br clear="none"><br clear="none"> <div class="yiv7408962830y_msg_container" id="yiv7408962830yui_3_16_0_1_1450881113031_12358">Unfortunately the checker at dns.squish.net appears to be broken.<br clear="none"><br clear="none">Trying this manually from here (UK):<br clear="none"><br clear="none">$ dig +norec @a.root-servers.net. btraccl.net. mx<br clear="none">.. referral to gtld servers<br clear="none"><br clear="none">$ dig +norec @a.gtld-servers.net. btraccl.net. mx<br clear="none">;; AUTHORITY SECTION:<br clear="none">btraccl.net.            172800  IN      NS      ns1.btraccl.net.<br clear="none">btraccl.net.            172800  IN      NS      ns2.btraccl.net.<br clear="none"><br clear="none">;; ADDITIONAL SECTION:<br clear="none">ns1.btraccl.net.        172800  IN      A       103.9.185.229<br clear="none">ns2.btraccl.net.        172800  IN      A       103.9.185.230<br clear="none"><br clear="none">Ah: so your problem is that you are not following RFC 2182 (esp. <br clear="none">sections 3.1 to 3.3). It is almost entirely pointless having two <br clear="none">authoritative DNS servers if they are on the same subnet, for the very <br clear="none">reason that you have discovered: the Internet is not a fully-connected <br clear="none">network.<br clear="none"><br clear="none">Get your secondary service on a different network, on a different <br clear="none">backbone AS and preferably in an entirely different country.<br clear="none"><br clear="none">You may be able to find a similar-sized organisation in a different <br clear="none">country which is happy to swap secondary DNS service with you (i.e. they <br clear="none">act as your secondary, and vice versa). Otherwise, you can take a cheap <br clear="none">commercial DNS service (e.g. Godaddy Premium DNS). Or, if you already <br clear="none">have a cloud VM somewhere with a static IP (e.g. EC2 with Elastic IP) <br clear="none">you can run your secondary DNS on that.<br clear="none"><br clear="none">Of course, if Yahoo cannot contact either of your DNS servers, and your <br clear="none">mail server is on the same subnet (103.9.185.227), then they're still <br clear="none">not going to be able to send mail to you. But at least the name will be <br clear="none">resolved, and you will get a more useful error message, and you can take <br clear="none">up the lack of SMTP connectivity separately.<br clear="none"><br clear="none">Furthermore: if you have a remote VM under your control, you can make <br clear="none">this a secondary MX receiver for your domain, so that people who cannot <br clear="none">deliver mail directly to you will deliver to your secondary MX, which in <br clear="none">turn will relay to your main mail server.<br clear="none"><br clear="none">Regards,<br clear="none"><br clear="none">Brian.<br clear="none"><br clear="none"><br clear="none"><br clear="none"></div>  </div> </div>  </div></div></div></div></div></div></div></div></div></div></body></html>