North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: g.root-servers.net returns NXDOMAIN for com.
[ On Friday, August 4, 2000 at 09:23:48 (-0500), Jeffrey C. Ollie wrote: ] > Subject: Re: g.root-servers.net returns NXDOMAIN for com. > > Because g.root-servers.net should still return a list of authoritative > name servers for .com *even if* g.root-servers.net is no longer > authoritative for .com. > > When g.root-servers.net returns an *AUTHORITATIVE NXDOMAIN* for .com > things start breaking. I was going to write: Anyone asking g.root-servers.net for anything in .com is who's broken. Any delegation pointing .com to g.root-servers.net should have long long ago timed out from any properly running nameserver out there. but then I see this little surprise from a "host -C com.": com NS G.ROOT-SERVERS.NET com SOA record currently not present at G.ROOT-SERVERS.NET com has lame delegation to G.ROOT-SERVERS.NET When I look at the delegations directly in the two copies of the root zone now in active use (2000080400 and 2000080301) I do not find where my local copy of the above NS record originated! When I do a dumpdb I find that it has the following origination: com 81712 IN NS G.ROOT-SERVERS.NET. ;Cr=addtnl [188.8.131.52] Oddly it's not there now: # host -r -t ns com. 184.108.40.206 com NS I.GTLD-SERVERS.NET com NS B.GTLD-SERVERS.NET com NS A.ROOT-SERVERS.NET com NS E.GTLD-SERVERS.NET com NS F.GTLD-SERVERS.NET com NS F.ROOT-SERVERS.NET com NS J.GTLD-SERVERS.NET com NS K.GTLD-SERVERS.NET com NS A.GTLD-SERVERS.NET com NS M.GTLD-SERVERS.NET com NS G.GTLD-SERVERS.NET com NS C.GTLD-SERVERS.NET G.root-servers.net is also found in my cache as an NS for .ORG and .NET, neither of which should be there according to the current root zone at a.root-servers.net, nor even the older 2000080301 '.' zone still at some other root servers! org 116876 IN NS G.ROOT-SERVERS.NET. ;Cr=addtnl [220.127.116.11] NET 115866 IN NS G.ROOT-SERVERS.NET. ;Cr=addtnl [18.104.22.168] So I can see clearly where the bogus NS records came from, and I can see approximately when too (the above dump records were generated at 12:29 EDT). Does this mean someone foolishly made some radically BAD changes within the 144-hour window where no changes should have been made!?!?!?!?!? Can 'g.root-servers.net' QUICKLY be brought back online for com/org/net until the 144-hour window necessary for a root zone change properly expires? -- Greg A. Woods +1 416 218-0098 VE3TCP <[email protected]> <robohack!woods> Planix, Inc. <[email protected]>; Secrets of the Weird <[email protected]>