Issue with dns resolution for www.ssa.gov

Bjørn Mork bjorn at mork.no
Thu Sep 1 21:26:25 UTC 2022 

www.ssa.gov is a separate zone according to the ssa.gov NS:

bjorn at idefix:~$ dig ns www.ssa.gov @dns1.ssa.gov

; <<>> DiG 9.16.27-Debian <<>> ns www.ssa.gov @dns1.ssa.gov
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56002
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 9
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 3419fe2b41b19e86fd0d2330631122fd3a26a591e846d4b1 (good)
;; QUESTION SECTION:
;www.ssa.gov.                   IN      NS

;; AUTHORITY SECTION:
www.ssa.gov.            60      IN      NS      gtms2.ssa.gov.
www.ssa.gov.            60      IN      NS      gtms1.ssa.gov.
www.ssa.gov.            60      IN      NS      gtmu1.ssa.gov.
www.ssa.gov.            60      IN      NS      gtmu2.ssa.gov.

;; ADDITIONAL SECTION:
GTMS1.ssa.gov.          36000   IN      AAAA    2001:1930:e03::13
GTMS2.ssa.gov.          36000   IN      AAAA    2001:1930:e03::14
GTMU1.ssa.gov.          36000   IN      AAAA    2001:1930:d07:1::10
GTMU2.ssa.gov.          36000   IN      AAAA    2001:1930:d07:1::11
GTMS1.ssa.gov.          36000   IN      A       137.200.4.203
GTMS2.ssa.gov.          36000   IN      A       137.200.4.204
GTMU1.ssa.gov.          36000   IN      A       137.200.43.16
GTMU2.ssa.gov.          36000   IN      A       137.200.43.17

;; Query time: 107 msec
;; SERVER: 2001:1930:d07:1::8#53(2001:1930:d07:1::8)
;; WHEN: Thu Sep 01 23:24:13 CEST 2022
;; MSG SIZE  rcvd: 348



But it's a CNAME according to the www.ssa.gov NS:


bjorn at idefix:~$ dig a www.ssa.gov @gtms1.ssa.gov

; <<>> DiG 9.16.27-Debian <<>> a www.ssa.gov @gtms1.ssa.gov
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43620
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.ssa.gov.                   IN      A

;; ANSWER SECTION:
www.ssa.gov.            300     IN      CNAME   www.ssa.gov.edgekey.net.

;; Query time: 127 msec
;; SERVER: 2001:1930:e03::13#53(2001:1930:e03::13)
;; WHEN: Thu Sep 01 23:25:01 CEST 2022
;; MSG SIZE  rcvd: 77



CDNs playing tricks. This won't fly.



Bjørn

More information about the bind-users mailing list