bind 9.7.2-P3 does not resolve www.microsoft.com

Lazy lazy404 at gmail.com
Thu Dec 30 16:43:18 UTC 2010 

2010/12/28 Dennis Clarke <dclarke at blastwave.org>:
>
>>> trying to resolve www.microsoft.com or microsoft.com results in a
>>> "connection timed out; no servers could be reached"
>>
>> Well, for what it's worth - it's not just you having that issue. When
>> testing from home and from work I get the same.
>>
>
> works fine for me on linux and Solaris.

how does dig ANY microsoft.com looks on your site ?

when I query ie google's public dns resolver I get

$ dig ANY microsoft.com @8.8.8.8

; <<>> DiG 9.6-ESV-R3 <<>> ANY microsoft.com @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52638
;; flags: qr rd ra; QUERY: 1, ANSWER: 10, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;microsoft.com.                 IN      ANY

;; ANSWER SECTION:
microsoft.com.          3185    IN      A       207.46.197.32
microsoft.com.          3185    IN      A       207.46.232.182
microsoft.com.          85985   IN      NS      ns4.msft.net.
microsoft.com.          85985   IN      NS      ns5.msft.net.
microsoft.com.          85985   IN      NS      ns1.msft.net.
microsoft.com.          85985   IN      NS      ns2.msft.net.
microsoft.com.          85985   IN      NS      ns3.msft.net.
microsoft.com.          3185    IN      SOA     ns1.msft.net.
msnhst.microsoft.com. 2010122201 300 600 2419200 3600
microsoft.com.          3185    IN      MX      10 mail.messaging.microsoft.com.
microsoft.com.          3185    IN      TXT
"FbUF6DbkE+Aw1/wi9xgDi8KVrIIZus5v8L6tbIQZkGrQ/rVQKJi8CjQbBtWtE64ey4NJJwj5J65PIggVYNabdQ=="

;; Query time: 36 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Dec 30 17:07:20 2010
;; MSG SIZE  rcvd: 336


this is missing second TXT spf record

bind and powerdns-recursor seems to reply with all records for
microsoft.com they have, so if You earlier request for A and TXT you
get A and TXT from your local resolver despite that m$ servers sent
truncated answers for ANY queries that got ignored by bind, and didn't
provide TCP so I guess all you see is Your local cache made form
previous non ANY queries

Response for dig ANY microsoft.com varies significantly across dns
servers, sometimes we get TXT records, sometime we don't, some don't
have SOA ect.


-- 
Lazy

More information about the bind-users mailing list