Misbehaviour with root-server priming queries
Bernhard Schmidt
Bernhard.Schmidt at lrz-muenchen.de
Fri Mar 9 14:06:35 UTC 2007
Hi,
now for my other problem. We noticed the behaviour that unnecessary (?)
queries are sent to the root-servers because we configured some of our
recursors to take part in the ICANN test described at
http://www.icann.org/committees/security/sac017.htm . It contains of a
new root.hints file that points to four dedicated servers. Those
dedicated servers answer with the standard root-server set
([a-m].root-servers.net), only with additional AAAA records for a couple
of them.
After a few days of running we got a notification from the operator at
roto.nlnetlabs.nl that our recursors were doing massive amount of
queries to their server and whether we accidentally configured them to
be forwarders. No, we didn't.
I just ran the same 20000 queries from the report before to the very
same BIND, only with the root.hints file replaced. It produced
roto.nlnetlabs.nl IPv4 43 queries
IPv6 15 queries
aaaa.verisignlabs.com IPv4 6 queries
IPv6 2 queries
aaaa.nic.br IPv4 1 query
IPv6 0 queries
rs-net.isc.org IPv4 1 query
IPv6 2 queries
none of the queries looked like a priming request, more like a standard
query for a random host.
for comparison:
f.root-servers.net IPv4 35 queries
IPv6 85 queries
I did not find any explicit description from the RFCs on what is
supposed to happen for the priming request, but I'm pretty sure the
intention was to only get . IN NS from those servers, nothing else
(ever).
Can anyone explain this behaviour?
Regards,
Bernhard
More information about the bind-users
mailing list