Re: g.root-servers.net returns NXDOMAIN for com.

North American Network Operators Group

Re: g.root-servers.net returns NXDOMAIN for com.

From: Greg A. Woods
Date: Fri Aug 04 12:52:57 2000

[ On Friday, August 4, 2000 at 09:23:48 (-0500), Jeffrey C. Ollie wrote: ]
> Subject: Re: g.root-servers.net returns NXDOMAIN for com.
>
> Because g.root-servers.net should still return a list of authoritative
> name servers for .com *even if* g.root-servers.net is no longer
> authoritative for .com.
> 
> When g.root-servers.net returns an *AUTHORITATIVE NXDOMAIN* for .com
> things start breaking.

I was going to write:

	Anyone asking g.root-servers.net for anything in .com is who's
	broken.  Any delegation pointing .com to g.root-servers.net
	should have long long ago timed out from any properly running
	nameserver out there.

but then I see this little surprise from a "host -C com.":

	com                     NS      G.ROOT-SERVERS.NET
	com SOA record currently not present at G.ROOT-SERVERS.NET
	com has lame delegation to G.ROOT-SERVERS.NET

When I look at the delegations directly in the two copies of the root
zone now in active use (2000080400 and 2000080301) I do not find where 
my local copy of the above NS record originated!  When I do a dumpdb I
find that it has the following origination:

com     81712   IN      NS      G.ROOT-SERVERS.NET.     ;Cr=addtnl [192.203.230.10]

Oddly it's not there now:

	# host -r -t ns com. 192.203.230.10
	com                     NS      I.GTLD-SERVERS.NET
	com                     NS      B.GTLD-SERVERS.NET
	com                     NS      A.ROOT-SERVERS.NET
	com                     NS      E.GTLD-SERVERS.NET
	com                     NS      F.GTLD-SERVERS.NET
	com                     NS      F.ROOT-SERVERS.NET
	com                     NS      J.GTLD-SERVERS.NET
	com                     NS      K.GTLD-SERVERS.NET
	com                     NS      A.GTLD-SERVERS.NET
	com                     NS      M.GTLD-SERVERS.NET
	com                     NS      G.GTLD-SERVERS.NET
	com                     NS      C.GTLD-SERVERS.NET

G.root-servers.net is also found in my cache as an NS for .ORG and .NET,
neither of which should be there according to the current root zone at
a.root-servers.net, nor even the older 2000080301 '.' zone still at some
other root servers!

org     116876  IN      NS      G.ROOT-SERVERS.NET.     ;Cr=addtnl [192.33.4.12]
NET     115866  IN      NS      G.ROOT-SERVERS.NET.     ;Cr=addtnl [198.41.0.10]

So I can see clearly where the bogus NS records came from, and I can see
approximately when too (the above dump records were generated at 12:29 EDT).

Does this mean someone foolishly made some radically BAD changes within
the 144-hour window where no changes should have been made!?!?!?!?!?

Can 'g.root-servers.net' QUICKLY be brought back online for com/org/net
until the 144-hour window necessary for a root zone change properly
expires?

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <[email protected]>      <robohack!woods>
Planix, Inc. <[email protected]>; Secrets of the Weird <[email protected]>

References:
- g.root-servers.net returns NXDOMAIN for com. jmalcolm
- Re: g.root-servers.net returns NXDOMAIN for com. Chris Adams
- Re: g.root-servers.net returns NXDOMAIN for com. Jeffrey C. Ollie

Prev by Date: Re: g.root-servers.net returns NXDOMAIN for com.
Next by Date: Looking for network maps/info for South/Central America
Date Index
Thread Index
Author Index
Historical