[190986] in North American Network Operators' Group
Re: nxdomain rfc2308 type 2, but authority is incorrect
daemon@ATHENA.MIT.EDU (Joe Maimon)
Wed Aug 10 15:27:41 2016
X-Original-To: nanog@nanog.org
Date: Wed, 10 Aug 2016 15:27:32 -0400
From: Joe Maimon <jmaimon@ttec.com>
To: William Herrin <bill@herrin.us>
In-Reply-To: <CAP-guGUHSV1U++GEYnUbtUeA-SCFvnGs3oVCUh4P5hn135SjAA@mail.gmail.com>
Cc: North American Networking and Offtopic Gripes List <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
William Herrin wrote:
> On Wed, Aug 10, 2016 at 2:05 PM, Joe Maimon <jmaimon@ttec.com> wrote:
>> www.kissimmee.org
>>
>> Windows 2008 dns cannot resolve it.
>>
>> BIND can.
>
> Hi Joe,
>
> Does Windows 2008 like anything in the "hosting" TLD?
>
> I notice that the nameresolve.com servers returning the CNAME to
> kissimmee-fl.vts.hosting are also returning an SOA record for
> "hosting" in the authority section which looks very strange to me.
> Perhaps Windows is rejecting it as an invalid, possibly dangerous
> response packet?
>
> Regards,
> Bill Herrin
>
>
I think that provided SOA record is a "local" or "alternate" version and
its existence is why the nxdomain response is being sent to the windows
dns server that accepts it at face value (but does not appear to store
it in cache, so this is not precisely cache poisoning)
Here is another example, unrelated to the new TLD's
www.lomita.com
Joe
