[174533] in North American Network Operators' Group
Re: Bare TLD resolutions
daemon@ATHENA.MIT.EDU (Owen DeLong)
Wed Sep 17 21:24:56 2014
X-Original-To: nanog@nanog.org
From: Owen DeLong <owen@delong.com>
In-Reply-To: <CAAAwwbWwHDGhLocOm47gRq3Md3=SNs667jmobXwz6wz1wk0XZQ@mail.gmail.com>
Date: Wed, 17 Sep 2014 18:20:11 -0700
To: Jimmy Hess <mysidia@gmail.com>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Sep 17, 2014, at 6:01 PM, Jimmy Hess <mysidia@gmail.com> wrote:
> On Wed, Sep 17, 2014 at 11:09 AM, Jay Ashworth <jra@baylink.com> =
wrote:
>=20
>> The latter would seem to be avoidable by making sure that *DNS =
resolution
>> of bare TLDs always returns NXDOMAIN*.
> [snip]
>=20
> Not NXDOMAIN. When TLD. is looked up, they should always return =
NOERROR.
Well=85 A TLD which does not exist should return NXDOMAIN. For example, =
if I do a query for .NONEXISTANTTLD.,
then I should get NXDOMAIN=85
Owens-MacBook-Pro:Downloads owendelong$ dig NONEXISTANTTLD.
; <<>> DiG 9.8.3-P1 <<>> NONEXISTANTTLD.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 64254
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;NONEXISTANTTLD. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. =
nstld.verisign-grs.com. 2014091701 1800 900 604800 86400
But for any TLD which exists, yes.
Owen
