[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Unexpected DNS responses

To: <namedroppers@ops.ietf.org>
Subject: Unexpected DNS responses
From: Stuart Cheshire <cheshire@apple.com>
Date: Tue, 14 Dec 2004 11:46:11 -0800

When doing a DNS query at Apple, I'm seeing strange results.

A query for the address record for login.oscar.aol.com reveals that it is 
an alias for login.glogin.messaging.aol.com. The address for 
login.glogin.messaging.aol.com is also given: 64.12.200.89.

>[chesh7:~] cheshire% dig -t a login.oscar.aol.com
>
>; <<>> DiG 9.2.2 <<>> -t a login.oscar.aol.com
>;; global options:  printcmd
>;; Got answer:
>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5932
>;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2
>
>;; QUESTION SECTION:
>;login.oscar.aol.com.           IN    A
>
>;; ANSWER SECTION:
>login.oscar.aol.com.    123     IN    CNAME login.glogin.messaging.aol.com.
>login.glogin.messaging.aol.com. 10 IN A     64.12.200.89
>
>;; AUTHORITY SECTION:
>glogin.messaging.aol.com. 98    IN    NS    mtc-gdns008.ns.aol.com.
>glogin.messaging.aol.com. 98    IN    NS    dtc-gdns008.ns.aol.com.
>
>;; ADDITIONAL SECTION:
>mtc-gdns008.ns.aol.com. 223     IN    A     64.12.182.88
>dtc-gdns008.ns.aol.com. 215     IN    A     205.188.139.88
>
>;; Query time: 8 msec
>;; SERVER: 17.128.100.10#53(17.128.100.10)
>;; WHEN: Tue Dec 14 11:38:01 2004
>;; MSG SIZE  rcvd: 177

However, a query for the AAAA record for login.oscar.aol.com gives a 
no-error no-answer result for login.glogin.messaging.aol.com!

The question in the question section of the result doesn't match the 
question that was asked, and the client ignores it as bogus.

There's no CNAME record in the response to indicate to the client that 
login.oscar.aol.com is actually an alias for 
login.glogin.messaging.aol.com: the client asks for X and gets an answer 
for Y, with no indication why an answer for Y is relevant.

>[chesh7:~] cheshire% dig -t aaaa login.oscar.aol.com
>
>; <<>> DiG 9.2.2 <<>> -t aaaa login.oscar.aol.com
>;; global options:  printcmd
>;; Got answer:
>;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61168
>;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
>
>;; QUESTION SECTION:
>;login.glogin.messaging.aol.com.        IN      AAAA
>
>;; Query time: 82 msec
>;; SERVER: 17.128.100.10#53(17.128.100.10)
>;; WHEN: Tue Dec 14 11:41:55 2004
>;; MSG SIZE  rcvd: 48
>
>[chesh7:~] cheshire% 

Is this a bogus caching DNS server, or is this kind of response normal 
and expected? Should the client handle this, or is the client right to 
ignore it?

Stuart Cheshire <cheshire@apple.com>
 * Wizard Without Portfolio, Apple Computer, Inc.
 * www.stuartcheshire.org


--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>

Follow-Ups:
- Re: Unexpected DNS responses
  - From: Mark Andrews <Mark_Andrews@isc.org>

Prev by Date: Re: draft-lozano-nsec-random-00
Next by Date: Re: Unexpected DNS responses
Previous by thread: draft-lozano-nsec-random-00
Next by thread: Re: Unexpected DNS responses
Index(es):
- Date
- Thread