expedia.msn.com does not resolve

Barry Margolin barmar at genuity.net
Thu Aug 16 00:48:35 UTC 2001


In article <9lf00c$2ah at pub3.rc.vix.com>,
Brad Knowles  <brad.knowles at skynet.be> wrote:
>
>At 6:20 PM -0400 8/15/01, Kevin Darcy wrote:
>
>>  (It seems I was overly preoccupied trying to tie together this poster's
>>  problem with the microsoft.com mail problem I had yesterday...)
>
>	The thing I find so amusing is that Microsoft apparently blocks 
>TCP port 53 queries to at least some of their nameservers (if not all 
>of them).  First, they had only two nameservers, and they were taken 
>down by the simplest of DoS attacks.  Now they compound their 
>stupidity of having *twelve* nameservers (which virtually guarantees 
>UDP truncation in many cases), by refusing TCP port 53 queries.

I don't think you're supposed to set the truncated flag if the overflow is
due to records in the Additional Records section.  And since all the
servers are in the msft.net domain, DNS's compression mechanism allows
most answers to fit in a UDP packet.

It also looks like the msft.net servers don't fill in the Authority section
of their responses, which keeps these responses from being truncated.  I
suspect that the OP's problem is that his internal nameserver is configured
to forward to a BIND nameserver outside the firewall.  That nameserver
fills in the Authority section, which causes overflow and truncation, and
then the firewall blocks the TCP retry.

% dig expedia.msn.com a @DNS2.CP.MSFT.NET

; <<>> DiG 8.3 <<>> expedia.msn.com a @DNS2.CP.MSFT.NET 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6
;; flags: qr aa rd; QUERY: 1, ANSWER: 14, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;;	expedia.msn.com, type = A, class = IN

;; ANSWER SECTION:
expedia.msn.com.	1H IN CNAME	expedia.com.
expedia.com.		1H IN A		207.46.184.30
expedia.com.		1H IN A		207.46.184.65
expedia.com.		1H IN A		207.46.184.70
expedia.com.		1H IN A		207.46.184.75
expedia.com.		1H IN A		207.46.184.88
expedia.com.		1H IN A		207.46.184.120
expedia.com.		1H IN A		207.46.184.125
expedia.com.		1H IN A		207.46.184.15
expedia.com.		1H IN A		207.46.184.155
expedia.com.		1H IN A		207.46.184.165
expedia.com.		1H IN A		207.46.184.175
expedia.com.		1H IN A		207.46.184.220
expedia.com.		1H IN A		207.46.184.25

;; Total query time: 115 msec
;; FROM: tools.genuity.com to SERVER: DNS2.CP.MSFT.NET  207.46.138.21
;; WHEN: Wed Aug 15 20:44:39 2001
;; MSG SIZE  sent: 33  rcvd: 263

-- 
Barry Margolin, barmar at genuity.net
Genuity, Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
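
An added worked example, not part of the original post: a minimal Python encoder that rebuilds the response from the dig output above using RFC 1035 name compression and reproduces its 263-byte size, then appends twelve NS records to the Authority section and compares the result with the 512-byte limit for DNS over UDP. The `Msg` class, the helper names and both sets of NS names are constructed for illustration; they are not the real msft.net servers or the poster's forwarder data.

```python
import struct

UDP_LIMIT = 512  # classic DNS-over-UDP message limit (no EDNS0)

class Msg:  # minimal DNS wire-format builder with RFC 1035 name compression
    def __init__(self):
        self.buf = bytearray(12)      # header placeholder (fixed 12 bytes)
        self.offsets = {}             # name suffix -> first offset in message

    def name(self, fqdn, compress=True):
        labels = [l for l in fqdn.lower().split(".") if l]
        for i, label in enumerate(labels):
            suffix = ".".join(labels[i:])
            if compress and suffix in self.offsets:
                # a 2-byte pointer to an earlier occurrence ends the name
                self.buf += struct.pack("!H", 0xC000 | self.offsets[suffix])
                return
            self.offsets.setdefault(suffix, len(self.buf))
            self.buf += bytes([len(label)]) + label.encode()
        self.buf += b"\0"             # root label

    def rr(self, owner, rtype, rdata, compress=True):
        self.name(owner, compress)
        self.buf += struct.pack("!HHIH", rtype, 1, 3600, 0)  # type, IN, TTL, rdlen
        start = len(self.buf)
        if isinstance(rdata, bytes):
            self.buf += rdata               # A record: 4 address bytes
        else:
            self.name(rdata, compress)      # CNAME/NS target is a domain name
        struct.pack_into("!H", self.buf, start - 2, len(self.buf) - start)

def build_response(compress=True):
    """Rebuild the response in the dig output: 1 CNAME + 13 A records."""
    m = Msg()
    m.name("expedia.msn.com")
    m.buf += struct.pack("!HH", 1, 1)       # QTYPE=A, QCLASS=IN
    m.rr("expedia.msn.com", 5, "expedia.com", compress)
    for o in (30, 65, 70, 75, 88, 120, 125, 15, 155, 165, 175, 220, 25):
        m.rr("expedia.com", 1, bytes([207, 46, 184, o]), compress)
    return m

def with_authority(ns_names):
    """Append NS records (type 2); return (size, exceeds UDP limit)."""
    m = build_response()
    for ns in ns_names:
        m.rr("expedia.com", 2, ns)
    return len(m.buf), len(m.buf) > UDP_LIMIT

SHARED = [f"ns{i}.dns.example.net" for i in range(1, 13)]    # constructed: one parent
SPREAD = [f"ns{i}.site{i:02d}.example" for i in range(1, 13)]  # constructed: 12 parents
```

With these constructed names, twelve NS targets under one parent domain bring the message to 497 bytes, while targets under unrelated parents bring it to 573, past the limit where a resolver would need the TCP retry that the firewall in this thread is suspected of blocking. Without compression the answer section alone grows from 263 to 424 bytes.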


More information about the bind-users mailing list