[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Unexpected DNS responses
> When doing a DNS query at Apple, I'm seeing strange results.
>
> A query for the address record for login.oscar.aol.com reveals that it is
> an alias for login.glogin.messaging.aol.com. The address for
> login.glogin.messaging.aol.com is also given: 64.12.200.89.
>
> >[chesh7:~] cheshire% dig -t a login.oscar.aol.com
> >
> >; <<>> DiG 9.2.2 <<>> -t a login.oscar.aol.com
> >;; global options: printcmd
> >;; Got answer:
> >;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5932
> >;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2
> >
> >;; QUESTION SECTION:
> >;login.oscar.aol.com. IN A
> >
> >;; ANSWER SECTION:
> >login.oscar.aol.com. 123 IN CNAME login.glogin.messaging.aol.com.
> >login.glogin.messaging.aol.com. 10 IN A 64.12.200.89
> >
> >;; AUTHORITY SECTION:
> >glogin.messaging.aol.com. 98 IN NS mtc-gdns008.ns.aol.com.
> >glogin.messaging.aol.com. 98 IN NS dtc-gdns008.ns.aol.com.
> >
> >;; ADDITIONAL SECTION:
> >mtc-gdns008.ns.aol.com. 223 IN A 64.12.182.88
> >dtc-gdns008.ns.aol.com. 215 IN A 205.188.139.88
> >
> >;; Query time: 8 msec
> >;; SERVER: 17.128.100.10#53(17.128.100.10)
> >;; WHEN: Tue Dec 14 11:38:01 2004
> >;; MSG SIZE rcvd: 177
>
> However, a query for the AAAA record for login.oscar.aol.com gives a
> no-error no-answer result for login.glogin.messaging.aol.com!
>
> The question in the question section of the result doesn't match the
> question that was asked, and the client ignores it as bogus.
>
> There's no CNAME record in the response to indicate to the client that
> login.oscar.aol.com is actually an alias for
> login.glogin.messaging.aol.com: the client asks for X and gets an answer
> for Y, with no indication why an answer for Y is relevant.
>
> >[chesh7:~] cheshire% dig -t aaaa login.oscar.aol.com
> >
> >; <<>> DiG 9.2.2 <<>> -t aaaa login.oscar.aol.com
> >;; global options: printcmd
> >;; Got answer:
> >;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61168
> >;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> >
> >;; QUESTION SECTION:
> >;login.glogin.messaging.aol.com. IN AAAA
> >
> >;; Query time: 82 msec
> >;; SERVER: 17.128.100.10#53(17.128.100.10)
> >;; WHEN: Tue Dec 14 11:41:55 2004
> >;; MSG SIZE rcvd: 48
> >
> >[chesh7:~] cheshire%
>
> Is this a bogus caching DNS server, or is this kind of response normal
> and expected? Should the client handle this, or is the client right to
> ignore it?
The client should reject the second answer. You should upgrade /
replace the offending nameserver. Probably a old BIND 8 with the
following bug.
1650. [bug] NODATA responses from forwarders that followed
a CNAME were not handled correctly.
> Stuart Cheshire <cheshire@apple.com>
> * Wizard Without Portfolio, Apple Computer, Inc.
> * www.stuartcheshire.org
>
>
> --
> to unsubscribe send a message to namedroppers-request@ops.ietf.org with
> the word 'unsubscribe' in a single line as the message text body.
> archive: <http://ops.ietf.org/lists/namedroppers/>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@isc.org
--
to unsubscribe send a message to namedroppers-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://ops.ietf.org/lists/namedroppers/>