9.5.0 P2 gives diff ip for worldnet.att.net than swBell DNS?

Tue Nov 18 01:16:00 UTC 2008

Les Caudle wrote:
> On Tue, 11 Nov 2008 10:26:11 +1100, Mark Andrews
> <Mark_Andrews at isc.org> wrote:
>
>   
>> In message <jqcgh49unbp1jiqv2g9qtp1nn3hdvug6vq at 4ax.com>, Les Caudle writes:
>>     
>>> I noticed that I could not access this web page from within my
>>> network:
>>>
>>> http://worldnet.att.net/general-info/bls_info/block_inquiry.html
>>>
>>> I looked at the ip BIND 9.5.0 P2 returned for worldnet.att.net:
>>>
>>> 199.70.151.234
>>>
>>> and compared it to the ip that SwBell returned:
>>>
>>> 204.127.135.135
>>>
>>> I can use DNS from swBell to access that web page from outside my
>>> network, but not from inside my own network based on BIND.
>>>
>>> I restarted BIND, and I also tried:
>>>
>>> rndc flush
>>>
>>> BIND is set to go drectly to the main name servers, so I'm not sure
>>> how it is getting corrupted.
>>>
>>> How can I debug this?
>>>
>>>
>>> --
>>> Thanks! Les Caudle 
>>>       
>> 	There is a glue record, which is incorrectly promoted to a
>> 	answer, which needs to updated (if worldnet.att.net is a
>> 	nameserver) / removed (if worldnet.att.net is not a
>> 	nameserver).
>>
>> worldnet.att.net.       172800  IN      A       199.70.151.234
>> att.net.                172800  IN      NS      macu.ma.mt.np.els-gms.att.net.
>> att.net.                172800  IN      NS      ohcu.oh.mt.np.els-gms.att.net.
>> att.net.                172800  IN      NS      orcu.or.br.np.els-gms.att.net.
>> att.net.                172800  IN      NS      wycu.wy.br.np.els-gms.att.net.
>> ;; Received 219 bytes from 192.12.94.30#53(e.gtld-servers.net) in 203 ms
>>
>> 	Mark
>>     
>
> Mark - Are you saying that worldnet.att.net has their DNS settup
> incorrectly?
>
> Why is it that SwBell DNS returns the correct records, and BIND does
> not?
>
> How do I contact these folks if it is there problem?
>
>   
Les,
I think what Mark is saying is that there are 2 problems here:

1) the "registry" database for .net has a record for worldnet.att.net 
that's stale. Presumably one or more .net domains were, at one time, 
delegated to this name (among other nameservers). That's why it's in the 
registry database. This can't be changed directly by WorldNet; like 
ordinary mortals, they would have to go through their registrar to get 
this record updated/deleted

2) Whatever implementation of DNS that is being run by the .net 
nameservers, it is "promoting" this stale glue record to the status of 
"answer". This is generally considered to be a violation of RFCs, 
although I think there's some ambiguity involved (e.g. whether the 
subparts of step 3 of the "Algorithm" in RFC 1034, Section 4.3.2, are to 
be evaluated sequentially or as a 3-way branch)

As for why one set of nameservers may give a different answer for 
worldnet.att.net than another set of nameservers, that's just the luck 
of the draw, depending on when the TTLs expired and what other queries 
those nameservers may be doing that would "refresh" the existing entries 
in the cache.

- Kevin