[30436] in North American Network Operators' Group
Re: g.root-servers.net returns NXDOMAIN for com.
daemon@ATHENA.MIT.EDU (Greg A. Woods)
Fri Aug 4 12:51:15 2000
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
From: woods@weird.com (Greg A. Woods)
To: nanog@merit.edu
Cc: hostmaster@nsiregistry.NET, bobm@NIC.MIL
In-Reply-To: <20000804092348.A21718@ollie.clive.ia.us>
Reply-To: woods@planix.com (Greg A. Woods)
Message-Id: <20000804164905.C9F368A@proven.weird.com>
Date: Fri, 4 Aug 2000 12:49:05 -0400 (EDT)
Errors-To: owner-nanog-outgoing@merit.edu
[ On Friday, August 4, 2000 at 09:23:48 (-0500), Jeffrey C. Ollie wrote: ]
> Subject: Re: g.root-servers.net returns NXDOMAIN for com.
>
> Because g.root-servers.net should still return a list of authoritative
> name servers for .com *even if* g.root-servers.net is no longer
> authoritative for .com.
>
> When g.root-servers.net returns an *AUTHORITATIVE NXDOMAIN* for .com
> things start breaking.
I was going to write:
Anyone asking g.root-servers.net for anything in .com is who's
broken. Any delegation pointing .com to g.root-servers.net
should have long long ago timed out from any properly running
nameserver out there.
but then I see this little surprise from a "host -C com.":
com NS G.ROOT-SERVERS.NET
com SOA record currently not present at G.ROOT-SERVERS.NET
com has lame delegation to G.ROOT-SERVERS.NET
When I look at the delegations directly in the two copies of the root
zone now in active use (2000080400 and 2000080301) I do not find where
my local copy of the above NS record originated! When I do a dumpdb I
find that it has the following origination:
com 81712 IN NS G.ROOT-SERVERS.NET. ;Cr=addtnl [192.203.230.10]
Oddly it's not there now:
# host -r -t ns com. 192.203.230.10
com NS I.GTLD-SERVERS.NET
com NS B.GTLD-SERVERS.NET
com NS A.ROOT-SERVERS.NET
com NS E.GTLD-SERVERS.NET
com NS F.GTLD-SERVERS.NET
com NS F.ROOT-SERVERS.NET
com NS J.GTLD-SERVERS.NET
com NS K.GTLD-SERVERS.NET
com NS A.GTLD-SERVERS.NET
com NS M.GTLD-SERVERS.NET
com NS G.GTLD-SERVERS.NET
com NS C.GTLD-SERVERS.NET
G.root-servers.net is also found in my cache as an NS for .ORG and .NET,
neither of which should be there according to the current root zone at
a.root-servers.net, nor even the older 2000080301 '.' zone still at some
other root servers!
org 116876 IN NS G.ROOT-SERVERS.NET. ;Cr=addtnl [192.33.4.12]
NET 115866 IN NS G.ROOT-SERVERS.NET. ;Cr=addtnl [198.41.0.10]
So I can see clearly where the bogus NS records came from, and I can see
approximately when too (the above dump records were generated at 12:29 EDT).
Does this mean someone foolishly made some radically BAD changes within
the 144-hour window where no changes should have been made!?!?!?!?!?
Can 'g.root-servers.net' QUICKLY be brought back online for com/org/net
until the 144-hour window necessary for a root zone change properly
expires?
--
Greg A. Woods
+1 416 218-0098 VE3TCP <gwoods@acm.org> <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>
