accelerated TTL decrement
Brad Knowles
brad.knowles at skynet.be
Fri Apr 13 13:06:11 UTC 2001
At 1:22 AM -0600 4/13/01, Nate Duehr wrote:
> On one of my nameservers, every few [three to be exact] days I lose the
> ability to find any records in the wellogix.com zone.
Here's your problem:
dig @a.gtld-servers.net. wellogix.com. ns
; <<>> DiG 8.1 <<>> @a.gtld-servers.net. wellogix.com. ns
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
;; flags: qr rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 2
;; QUERY SECTION:
;; wellogix.com, type = NS, class = IN
;; ANSWER SECTION:
wellogix.com. 2D IN NS NS2.wellogix.com.
wellogix.com. 2D IN NS NS3.wellogix.com.
;; ADDITIONAL SECTION:
NS2.wellogix.com. 2D IN A 63.224.68.250
NS3.wellogix.com. 2D IN A 208.146.252.243
;; Total query time: 13 msec
;; WHEN: Fri Apr 13 08:54:38 2001
;; MSG SIZE sent: 30 rcvd: 98
dig @NS2.wellogix.com. wellogix.com. soa
; <<>> DiG 8.1 <<>> @NS2.wellogix.com. wellogix.com. soa
; (1 server found)
;; res options: init recurs defnam dnsrch
;; res_send to server NS2.wellogix.com. 63.224.68.250: Connection refused
dig @NS3.wellogix.com. wellogix.com. soa
; <<>> DiG 8.1 <<>> @NS3.wellogix.com. wellogix.com. soa
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; QUERY SECTION:
;; wellogix.com, type = SOA, class = IN
;; ANSWER SECTION:
wellogix.com. 42m40s IN SOA a.ns.wellogix.com.
hostmaster.wellogix.com. (
986999119 ; serial
4h33m4s ; refresh
34m8s ; retry
1w5d3h16m16s ; expiry
42m40s ) ; minimum
;; AUTHORITY SECTION:
wellogix.com. 3D IN NS a.ns.wellogix.com.
wellogix.com. 3D IN NS b.ns.wellogix.com.
;; ADDITIONAL SECTION:
a.ns.wellogix.com. 3D IN A 208.146.252.243
b.ns.wellogix.com. 3D IN A 63.224.68.250
;; Total query time: 110 msec
;; WHEN: Fri Apr 13 08:55:55 2001
;; MSG SIZE sent: 30 rcvd: 144
In other words, ns3.wellogix.com is a lame delegation, and
ns2.wellogix.com doesn't appear to be working at all. They need to
fix ns2 so that it answers queries, and fix the delegations for ns2 &
ns3 (either get the registrar to use the new names a.ns.wellogix.com
and b.ns.wellogix.com, or change the local records back to using the
old names).
Also note that they don't have reverse DNS set up properly:
dig -x 208.146.252.243
; <<>> DiG 8.1 <<>> -x
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUERY SECTION:
;; 243.252.146.208.in-addr.arpa, type = ANY, class = IN
;; AUTHORITY SECTION:
252.146.208.in-addr.arpa. 3H IN SOA ns1.inflow.net. dnsadmin.inflow.com. (
2001030801 ; serial
1H ; refresh
10M ; retry
1W ; expiry
1D ) ; minimum
;; Total query time: 342 msec
;; WHEN: Fri Apr 13 08:58:41 2001
;; MSG SIZE sent: 46 rcvd: 115
dig -x 63.224.68.250
; <<>> DiG 8.1 <<>> -x
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUERY SECTION:
;; 250.68.224.63.in-addr.arpa, type = ANY, class = IN
;; AUTHORITY SECTION:
68.224.63.in-addr.arpa. 3H IN SOA ns1.uswest.net. hostmaster.uswest.net. (
53 ; serial
8H ; refresh
2H ; retry
1W ; expiry
1D ) ; minimum
;; Total query time: 296 msec
;; WHEN: Fri Apr 13 08:58:49 2001
;; MSG SIZE sent: 44 rcvd: 105
> I think this may be similar because the gtld-server names do not match
> the names of the NS records they actually have in their zonefile.
Yup. It's called a "lame delegation".
> BIND 8.2.3-REL... of course. :)
If so, then they've turned off support for version.bind queries
entirely (at least, on ns3). I strongly suspect that there is
actually a different version of BIND running on at least this machine.
--
Brad Knowles, <brad.knowles at skynet.be>
/* efdtt.c Author: Charles M. Hannum <root at ihack.net> */
/* Represented as 1045 digit prime number by Phil Carmody */
/* Prime as DNS cname chain by Roy Arends and Walter Belgers */
/* */
/* Usage is: cat title-key scrambled.vob | efdtt >clear.vob */
/* where title-key = "153 2 8 105 225" or other similar 5-byte key */
dig decss.friet.org|perl -ne'if(/^x/){s/[x.]//g;print pack(H124,$_)}'
More information about the bind-users
mailing list