[Yeti DNS Discuss] Authoritative for ARPA? (was: Strange BIND resolver behaviour (may be not Yeti-specific))
Pierre Beyssac
pb at fasterix.frmug.org
Wed Jul 15 15:56:26 UTC 2015
Hello all,
On Wed, Jul 15, 2015 at 07:58:42AM +0000, Shane Kerr wrote:
> All,
>
> While I was looking at Stephane's discovery du jour, I noticed that some
> Yeti servers are authoritative for arpa:
>
> $ dig +noall +auth @2a02:2810:0:405::250 -t ds 204.in-addr.arpa. +norecurse
> arpa. 172800 IN NS ns2.ipv6.ernet.in.
> arpa. 172800 IN NS yeti-ns.wide.ad.jp.
Unless I miserundstood something, they're (at least dahu1.yeti.eu.org)
not really authoritative AFAICT. They don't return the SOA on a SOA
request, they just return the NS arpa. list which they obviously
have from the root zone.
% dig +norecurse @dahu1.yeti.eu.org soa arpa
; <<>> DiG 9.9.7 <<>> +norecurse @dahu1.yeti.eu.org soa arpa
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33610
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 8, ADDITIONAL: 9
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;arpa. IN SOA
;; AUTHORITY SECTION:
arpa. 172800 IN NS bii.dns-lab.net.
arpa. 172800 IN NS dahu1.yeti.eu.org.
...
--
Pierre Beyssac pb at fasterix.frmug.org
More information about the discuss
mailing list