[80868] in North American Network Operators' Group
Verisign broke GTLDs again?
daemon@ATHENA.MIT.EDU (Michael Tokarev)
Mon May 16 06:48:47 2005
Date: Mon, 16 May 2005 14:46:49 +0400
From: Michael Tokarev <mjt@tls.msk.ru>
To: nanog@merit.edu
Errors-To: owner-nanog@merit.edu
Noticed today. All Verisign's GTLD servers broke
EDNS0 (RFC2671). Here's what it looks like:
query:
$ dnsget -t mx -vv microsoft.net. -n 192.5.6.30
;; trying microsoft.net.
;; sending 42 bytes query to 192.5.6.30 port 53
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64471, size: 42
;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; QUERY SECTION (1):
;microsoft.net. IN MX
;; ADDITIONAL section (1):
;EDNS0 OPT record (UDPsize: 4096): 0 bytes
Note the EDNS0 stuff (numar=1). And here's the reply to this query:
;; received 12 bytes response from 192.5.6.30 port 53
;; unexpected number of entries in QUERY section: 0
;; ->>HEADER<<- opcode: QUERY, status: FORMERR, id: 64471, size: 12
;; flags: qr rd; QUERY: 0, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION (0):
; invalid query section
They're returning FORMERR (which is wrong), *and* don't return the
original query (numqd=0).
Without EDNS0 extensions, it works as expected.
/mjt
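
The exchange quoted in the message above, reproduced offline as an added example (not part of the original post): it builds the same 42-byte MX query with an empty EDNS0 OPT record and classifies a 12-byte header-only reply. The function names and result labels are assumptions made for illustration, and the sample reply is constructed from the header values shown in the post.

```python
import struct

TYPE_MX, TYPE_OPT, CLASS_IN, FORMERR = 15, 41, 1, 1

def encode_name(name):
    """Wire-encode a domain name as length-prefixed labels plus the root label."""
    labels = [l for l in name.split(".") if l]
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_query(name, qtype, qid, edns_udp_size=None):
    """Build a query with rd set; add an empty EDNS0 OPT RR if a size is given."""
    arcount = 0 if edns_udp_size is None else 1
    msg = struct.pack("!6H", qid, 0x0100, 1, 0, 0, arcount)  # flags: rd only
    msg += encode_name(name) + struct.pack("!2H", qtype, CLASS_IN)
    if edns_udp_size is not None:
        # OPT RR: root owner name, TYPE 41, CLASS = UDP size, TTL 0, RDLENGTH 0
        msg += b"\x00" + struct.pack("!HHIH", TYPE_OPT, edns_udp_size, 0, 0)
    return msg

def parse_header(msg):
    """Decode the fixed 12-byte DNS header."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    qid, flags, qd, an, ns, ar = struct.unpack("!6H", msg[:12])
    return {"id": qid, "qr": flags >> 15, "rd": (flags >> 8) & 1,
            "rcode": flags & 0xF, "qdcount": qd, "arcount": ar}

def classify(query, response):
    """Label a response relative to the query that produced it."""
    q, r = parse_header(query), parse_header(response)
    if not r["qr"] or r["id"] != q["id"]:
        return "not-a-reply-to-this-query"
    # Assumption: a non-zero ARCOUNT in our own query means it carried the OPT RR.
    if r["rcode"] == FORMERR and q["arcount"] and r["qdcount"] == 0:
        return "formerr-to-edns0-query-question-dropped"
    if r["rcode"] == FORMERR:
        return "formerr"
    return "other"

# Constructed sample: header values copied from the reply quoted in the post
# (id 64471, flags qr rd, FORMERR, all section counts 0).
SAMPLE_REPLY = struct.pack("!6H", 64471, 0x8101, 0, 0, 0, 0)

if __name__ == "__main__":
    q = build_query("microsoft.net.", TYPE_MX, 64471, edns_udp_size=4096)
    print(len(q), "byte query ->", classify(q, SAMPLE_REPLY))
```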