[190988] in North American Network Operators' Group


Re: nxdomain rfc2308 type 2, but authority is incorrect

daemon@ATHENA.MIT.EDU (Mark Andrews)
Wed Aug 10 18:59:01 2016

X-Original-To: nanog@nanog.org
To: Joe Maimon <jmaimon@ttec.com>
From: Mark Andrews <marka@isc.org>
In-reply-to: Your message of "Wed, 10 Aug 2016 15:27:32 -0400."
 <57AB8024.7010702@ttec.com>
Date: Thu, 11 Aug 2016 08:58:52 +1000
Cc: hostmaster@nameresovle.com,
 North American Networking and Offtopic Gripes List <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org


In message <57AB8024.7010702@ttec.com>, Joe Maimon writes:
> 
> 
> William Herrin wrote:
> > On Wed, Aug 10, 2016 at 2:05 PM, Joe Maimon <jmaimon@ttec.com> wrote:
> >> www.kissimmee.org
> >>
> >> Windows 2008 dns cannot resolve it.
> >>
> >> BIND can.
> >
> > Hi Joe,
> >
> > Does Windows 2008 like anything in the "hosting" TLD?
> >
> > I notice that the nameresolve.com servers returning the CNAME to
> > kissimmee-fl.vts.hosting are also returning an SOA record for
> > "hosting" in the authority section which looks very strange to me.
> > Perhaps Windows is rejecting it as an invalid, possibly dangerous
> > response packet?
> >
> > Regards,
> > Bill Herrin
> >
> >
> 
> I think that provided SOA record is a "local" or "alternate" version and 
> its existence is why the nxdomain response is being sent to the windows 
> dns server that accepts it at face value (but does not appear to store 
> it in cache, so this is not precisely cache poisoning)

Nameresovle.com's servers are returning answers that can be seen
as a cache poisoning attempt.  They are NOT authoritative for
".hosting" but have been configured as if they are.  This is a big
NO NO.  You don't configure yourself as authoritative for a zone
that has not been delegated to you and in particular you don't
configure yourself as authoritative for "." or a TLD.

Windows 2008 is quite correct in rejecting this answer.  Named would
as well except for the number of DNS hosters that do this sort of
garbage.  Named just sees the CNAME and stops processing the message
after that.

Mark

> Here is another example, unrelated to the new TLD's
> 
> www.lomita.com
> 
> 
> Joe


-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka@isc.org
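
Added example (not part of the message above, and not Windows DNS or BIND code): a simplified Python model of the authority-section bailiwick check the thread is about, run on a constructed response shaped like the one described. The delegation point kissimmee.org, the SOA rdata and all function names are assumptions.

```python
# Added example: a simplified model, not Windows DNS or BIND source code.

def labels(name):
    """Split a domain name into lowercase labels; the root is []."""
    name = name.rstrip(".").lower()
    return name.split(".") if name else []

def in_bailiwick(owner, zone):
    """True if owner is at or below zone, compared label by label."""
    o, z = labels(owner), labels(zone)
    return len(o) >= len(z) and o[len(o) - len(z):] == z

def audit_authority(zone, authority):
    """List SOA/NS records whose owner lies outside the zone that was
    delegated to the responding server."""
    return [(owner, rrtype) for owner, rrtype, _ in authority
            if rrtype in ("SOA", "NS") and not in_bailiwick(owner, zone)]

def handle(zone, answer, authority, strict):
    """strict=True: drop the whole response on any out-of-zone authority data.
    strict=False: take an in-zone CNAME from the answer and ignore the rest."""
    bad = audit_authority(zone, authority)
    if strict and bad:
        return ("reject", bad)
    cnames = [rdata for owner, rrtype, rdata in answer
              if rrtype == "CNAME" and in_bailiwick(owner, zone)]
    return ("follow", cnames)

# Constructed sample shaped like the response discussed in the thread.
# ZONE and the SOA rdata are assumptions, not captured data.
ZONE = "kissimmee.org."
ANSWER = [("www.kissimmee.org.", "CNAME", "kissimmee-fl.vts.hosting.")]
AUTHORITY = [("hosting.", "SOA",
              "ns.invalid. hostmaster.invalid. 1 3600 600 86400 300")]

if __name__ == "__main__":
    print(handle(ZONE, ANSWER, AUTHORITY, strict=True))   # strict policy
    print(handle(ZONE, ANSWER, AUTHORITY, strict=False))  # CNAME-only policy
```

The comparison is by label, so a name such as notkissimmee.org is not treated as being inside kissimmee.org.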
