Why does DNSVIZ complain about the NS RRSET here?

Larry Rosenman ler at lerctr.org
Mon Apr 18 22:15:08 UTC 2022


Do you know what a windows DNS admin needs to do to fix that?


On 04/18/2022 5:12 pm, Mark Andrews wrote:
> The parent servers are configured to allow recursion (ra) and rather
> than returning referrals they are returning
> answers provided it is cached.
> 
> Also it is pointless to use NSEC3 in the reverse trees as they contain
> too much structure.
> 
> To find
> 4.b.3.2.b.1.e.f.f.f.5.b.3.e.a.7.0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa.
> 3600 IN PTR thebighonker.lerctr.org you
> just need to query for [0-9a-f].ip6.arpa which will elicit a non
> NXDOMAIN for 2.ip6.arpa. Then you query for [0-9a-f].2.ip6.arpa, all
> the way down to
> [0-9a-f].b.3.2.b.1.e.f.f.f.5.b.3.e.a.7.0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa.
> which gives you a non NXDOMAIN response for
> 4.b.3.2.b.1.e.f.f.f.5.b.3.e.a.7.0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa.
> 
> 
> % dig @pdns05.thin-nology.com ns 
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa +norec
> 
> ; <<>> DiG 9.17.22 <<>> @pdns05.thin-nology.com ns
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa +norec
> ; (2 servers found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13592
> ;; flags: qr ra; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4000
> ;; QUESTION SECTION:
> ;0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. IN NS
> 
> ;; ANSWER SECTION:
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 0 IN NS ns1.dnsunlimited.com.
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 0 IN NS ns2.dnsunlimited.com.
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 0 IN NS ns-a.lerctr.org.
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 0 IN NS ns4.dnsunlimited.com.
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 0 IN NS ns3.dnsunlimited.com.
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 0 IN NS ns5.dnsunlimited.com.
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 0 IN NS ns-b.lerctr.org.
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 0 IN NS ns-c.lerctr.org.
> 
> ;; Query time: 225 msec
> ;; SERVER: 216.82.192.148#53(pdns05.thin-nology.com) (UDP)
> ;; WHEN: Tue Apr 19 07:53:04 AEST 2022
> ;; MSG SIZE  rcvd: 242
> 
> %
> 
> % dig @pdns06.thin-nology.com type1000
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa +norec +dnssec
> 
> ; <<>> DiG 9.17.22 <<>> @pdns06.thin-nology.com type1000
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa +norec +dnssec
> ; (2 servers found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11871
> ;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 10, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags: do; udp: 4000
> ;; QUESTION SECTION:
> ;0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. IN TYPE1000
> 
> ;; AUTHORITY SECTION:
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 0 IN NS ns3.dnsunlimited.com.
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 0 IN NS ns-c.lerctr.org.
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 0 IN NS ns-b.lerctr.org.
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 0 IN NS ns-a.lerctr.org.
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 0 IN NS ns2.dnsunlimited.com.
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 0 IN NS ns1.dnsunlimited.com.
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 0 IN NS ns4.dnsunlimited.com.
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 0 IN NS ns5.dnsunlimited.com.
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 3600 IN DS 63984 13 2
> F9B8E3F0A1E15E38C32E71BA1D7150B7FB68CC8C06943B065C75C985 0732B48E
> 0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 3600 IN RRSIG	DS 13 18 3600
> 20220423141314 20220416131314 1535 0.b.d.c.f.2.0.6.2.ip6.arpa.
> 2Bn8Qtoac1rIpL6IPvUP8EFewC0XLlxidGM6lIT8q12wmSUj3o3jxSxY
> xQMsK+j/b9nuMPlir+3m+mR7g5nvVQ==
> 
> ;; Query time: 217 msec
> ;; SERVER: 216.82.192.149#53(pdns06.thin-nology.com) (UDP)
> ;; WHEN: Tue Apr 19 07:55:29 AEST 2022
> ;; MSG SIZE  rcvd: 452
> 
> %
> 
> 
[snip]
-- 
Larry Rosenman                     http://www.lerctr.org/~ler
Phone: +1 214-642-9640                 E-Mail: ler at lerctr.org
US Mail: 5708 Sabbia Dr, Round Rock, TX 78665-2106
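
The check Mark describes, applied to the two dig responses quoted above, as an added example that is not part of either message and not code from BIND or DNSViz. The sample text is constructed by abbreviating that output, and the function names and finding labels are assumptions.

```python
import re

# Constructed sample: header, section markers and a few records abbreviated
# from the two dig responses quoted above (DS digest and RRSIG omitted).
NS_QUERY = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13592
;; flags: qr ra; QUERY: 1, ANSWER: 8, AUTHORITY: 0, ADDITIONAL: 1
;; ANSWER SECTION:
0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 0 IN NS ns1.dnsunlimited.com.
0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 0 IN NS ns-a.lerctr.org.
"""
TYPE1000_QUERY = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11871
;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 10, ADDITIONAL: 1
;; AUTHORITY SECTION:
0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 0 IN NS ns3.dnsunlimited.com.
0.1.0.0.0.0.0.0.b.d.c.f.2.0.6.2.ip6.arpa. 3600 IN DS 63984 13 2
"""

def parse_dig(text):
    """Return (header flags, {section name: [record types]}) from dig text."""
    flags = set(re.search(r"^;; flags:([^;]*);", text, re.M).group(1).split())
    sections, current = {}, None
    for line in text.splitlines():
        marker = re.match(r";; (\w+) SECTION:", line)
        if marker:
            current = marker.group(1)
        elif current and line.strip() and not line.startswith(";"):
            # Record line: owner, TTL, class, type, rdata...
            sections.setdefault(current, []).append(line.split()[3])
    return flags, sections

def classify(text):
    """Label a +norec response from a server that delegates the queried zone."""
    flags, sections = parse_dig(text)
    findings = []
    if "ra" in flags:
        findings.append("recursion-available")
    if "aa" not in flags:
        if "NS" in sections.get("ANSWER", []):
            findings.append("ns-answered-from-cache")  # expected a referral
        elif "NS" in sections.get("AUTHORITY", []):
            findings.append("referral")
    return findings

if __name__ == "__main__":
    for name, sample in (("ns", NS_QUERY), ("type1000", TYPE1000_QUERY)):
        print(name, classify(sample))
```

The parser expects one record per line, so dig output that a mail client has re-wrapped needs its lines rejoined first.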


More information about the bind-users mailing list