[190987] in North American Network Operators' Group
Re: nxdomain rfc2308 type 2, but authority is incorrect
daemon@ATHENA.MIT.EDU (William Herrin)
Wed Aug 10 18:50:42 2016
X-Original-To: nanog@nanog.org
X-Really-To: <nanog@nanog.org>
In-Reply-To: <57AB8024.7010702@ttec.com>
From: William Herrin <bill@herrin.us>
Date: Wed, 10 Aug 2016 18:50:11 -0400
To: Joe Maimon <jmaimon@ttec.com>
Cc: North American Networking and Offtopic Gripes List <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Wed, Aug 10, 2016 at 3:27 PM, Joe Maimon <jmaimon@ttec.com> wrote:
> William Herrin wrote:
>> On Wed, Aug 10, 2016 at 2:05 PM, Joe Maimon <jmaimon@ttec.com> wrote:
>>> www.kissimmee.org
>>> Windows 2008 dns cannot resolve it.
>> I notice that the nameresolve.com servers returning the CNAME to
>> kissimmee-fl.vts.hosting are also returning an SOA record for
>> "hosting" in the authority section which looks very strange to me.
>> Perhaps Windows is rejecting it as an invalid, possibly dangerous
>> response packet?
>
> I think that provided SOA record is a "local" or "alternate" version and its
> existence is why the nxdomain response is being sent to the windows dns
> server that accepts it at face value (but does not appear to store it in
> cache, so this is not precisely cache poisoning)
Oh! I missed that. ns*.nameresolve.com, the authoratative name servers
for kissimmee.org, are saying NXDOMAIN for www.kissimmee.org. Any idea
what DNS server nameresolve.com uses? Because that's... wow.
-Bill
--
William Herrin ................ herrin@dirtside.com bill@herrin.us
Owner, Dirtside Systems ......... Web: <http://www.dirtside.com/>
