[188376] in North American Network Operators' Group
Re: www.cisco.com no resolve?
daemon@ATHENA.MIT.EDU (Stephane Bortzmeyer)
Sat Mar 19 10:45:40 2016
X-Original-To: nanog@nanog.org
Date: Sat, 19 Mar 2016 15:45:05 +0100
From: Stephane Bortzmeyer <bortzmeyer@nic.fr>
To: John Kinsella <jlk@thrashyour.com>
In-Reply-To: <BCBCEF5D-0E54-468B-B3E4-6BBA8ED8F326@thrashyour.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Fri, Mar 18, 2016 at 10:53:15PM -0700,
John Kinsella <jlk@thrashyour.com> wrote
a message of 49 lines which said:
> Confirmed in Northern California, on all 3 primary NS servers. A
> little Friday night maintenance window, maybe?
Isn't it simply because the alias chain is awfully long (five steps)
and it may fail with resolvers which are hardened against the
"infinite recursion" attack?
% dig A www.cisco.com
...
;; ANSWER SECTION:
www.cisco.com. 3538 IN CNAME www.cisco.com.akadns.net.
www.cisco.com.akadns.net. 238 IN CNAME wwwds.cisco.com.edgekey.net.
wwwds.cisco.com.edgekey.net. 21538 IN CNAME wwwds.cisco.com.edgekey.net.globalredir.akadns.net.
wwwds.cisco.com.edgekey.net.globalredir.akadns.net. 3538 IN CNAME e144.dscb.akamaiedge.net.
e144.dscb.akamaiedge.net. 20 IN A 104.93.242.137
http://www.ssi.gouv.fr/uploads/2014/12/idns_attack_anssi.pdf
