nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: .mil nameserver problems?

From: Mark Andrews <marka () isc org>
Date: Wed, 17 Feb 2010 14:40:03 +1100

In message <589775371002161915h513bd247wcc4776856ed4487a () mail gmail com>, David
 Ulevitch writes:

On Tue, Feb 16, 2010 at 6:55 PM, Antonio Querubin <tony () lava net> wrote:

Anyone else noticing an increase in .mil nameserver problems today? Our
resolvers aren't able to find NS info for various .mil domains such as
pacom.mil and usfj.mil.

% dig +trace pacom.mil



Actually, a number of the .mil zones are exceptionally broken, and
pacom.mil is no exception. :-)

The .mil TLD servers seem to have loaded the entire zones and are
serving borked zones as a result.  For example, ask the TLD about
www.pacom.mil:


No.  Just a failure to seperate authoritative and recursive functionality.
You can workout how many servers there are by looking at the TTL decays.
 

$ dig @PAC1.NIPR.mil. www.pacom.mil

; <<>> DiG 9.4.3-P3 <<>> @PAC1.NIPR.mil. www.pacom.mil
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35118
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;www.pacom.mil.                       IN      A

;; ANSWER SECTION:
www.pacom.mil.                1722    IN      CNAME   www.pacom.mil.edgesuite
.net.
www.pacom.mil.edgesuite.net. 401 IN   CNAME   a1112.g.akamai.net.
a1112.g.akamai.net.   20      IN      A       209.107.205.160
a1112.g.akamai.net.   20      IN      A       209.107.205.88

;; Query time: 234 msec
;; SERVER: 199.252.180.234#53(199.252.180.234)
;; WHEN: Tue Feb 16 19:14:13 2010
;; MSG SIZE  rcvd: 133

And if you ask for an NS record for pacom.mil, it'll give you that,
but without an additional section despite having the answers, because
it thinks it is the authoritative for that zone (I'm guessing that
explains the behavior but don't know their software).

-David


-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka () isc org
Previous By Date Next
Previous By Thread Next

Current thread: