Lame RFC1918 delegations

Barry Margolin barmar at bbnplanet.com
Fri Apr 3 19:50:55 UTC 1998


   From: bmanning at isi.edu
   Posted-Date: Fri, 3 Apr 1998 11:36:10 -0800 (PST)
   Date: Fri, 3 Apr 1998 11:36:10 -0800 (PST)


   The primary for these zones moved to a dedicated server (blackhole.isi.edu)
   in early February 1998.  Due to an unfortunate confluence of events,
   this week we identified several points of misconfiguration in both
   zone files and system configuration files.  Talking with the sysadmin
   this morning leads me to believe that the system is working properly.

   26% dig -x 172.16 any @blackhole.isi.edu

This is *not* proper, it's a Lame Delegation.  That query should return an
SOA record and it should have the Authoritative Answer flag set.

   ; <<>> DiG 2.0 <<>> -x any @blackhole.isi.edu 
   ;; ->>HEADER<<- opcode: QUERY , status: NOERROR, id: 12
   ;; flags: qr rd ra ; Ques: 1, Ans: 2, Auth: 2, Addit: 2
   ;; QUESTIONS: 
   ;;      16.172.in-addr.arpa, type = ANY, class = IN

   ;; ANSWERS:
   16.172.in-addr.arpa.    490877  NS      NS2.INTERNIC.NET.
   16.172.in-addr.arpa.    490877  NS      BLACKHOLE.ISI.EDU.

   ;; AUTHORITY RECORDS:
   16.172.in-addr.arpa.    490877  NS      NS2.INTERNIC.NET.
   16.172.in-addr.arpa.    490877  NS      BLACKHOLE.ISI.EDU.

   ;; ADDITIONAL RECORDS:
   NS2.INTERNIC.NET.       84712   A       198.41.0.11
   BLACKHOLE.ISI.EDU.      41512   A       128.9.64.26

   ;; Sent 3 pkts, answer found in time: 401 msec 
   ;; FROM: zed.isi.edu to SERVER: blackhole.isi.edu  128.9.64.26
   ;; WHEN: Fri Apr  3 11:35:07 1998
   ;; MSG SIZE  sent: 37  rcvd: 158



   > Several people have forwarded to me a message you sent to NANOG saying that
   > the problem with the RFC 1918 delegations was fixed yesterday.  As far as I
   > can tell, this is not true.  I'm still seeing lame responses from both
   > blackhole.isi.edu and ns2.internic.net (which replaced rs0.internic.net in
   > the delegations yesterday).
   > 
   > Also, we have a system here configured as a secondary server for the RFC
   > 1918 domains, so that we can point customer firewalls to it for their zone
   > transfers (this way, if the original primary moves, we only have to update
   > one system, not all the firewalls).  It used to use ns.isi.edu as its
   > primary, but that stopped working on 3/25.  Is there a machine that can be
   > used instead?
   > 
   > tools:~#58% whois 172.16
   > IANA (IANA-BBLK-RESERVED)
   >    Internet Assigned Numbers Authority
   >    Information Sciences Institute
   >    University of Southern California
   >    4676 Admiralty Way, Suite 1001
   >    Marina del Rey, CA 90292-6695
   > 
   >    Netname: IANA-BBLK-RESERVED
   >    Netblock: 172.16.0.0 - 172.31.0.0
   > 
   >    Coordinator:
   >       Internet Assigned Numbers Authority  (IANA-ARIN)  iana at iana.org
   >       (310) 822-1511
   > 
   >    Domain System inverse mapping provided by:
   > 
   >    BLACKHOLE.ISI.EDU		128.9.64.26
   >    NS2.INTERNIC.NET		198.41.0.11
   > 
   > tools:~#61% dig -x 172.16 any @blackhole.isi.edu
   > 
   > ; <<>> DiG 2.1 <<>> -x any @blackhole.isi.edu 
   > ; (1 server found)
   > ;; res options: init recurs defnam dnsrch
   > ;; got answer:
   > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
   > ;; flags: qr rd ra; Ques: 1, Ans: 2, Auth: 2, Addit: 2
   > ;; QUESTIONS:
   > ;;	16.172.in-addr.arpa, type = ANY, class = IN
   > 
   > ;; ANSWERS:
   > 16.172.in-addr.arpa.	295906	NS	RS0.INTERNIC.NET.
   > 16.172.in-addr.arpa.	295906	NS	BLACKHOLE.ISI.EDU.
   > 
   > ;; AUTHORITY RECORDS:
   > 16.172.in-addr.arpa.	295906	NS	RS0.INTERNIC.NET.
   > 16.172.in-addr.arpa.	295906	NS	BLACKHOLE.ISI.EDU.
   > 
   > ;; ADDITIONAL RECORDS:
   > RS0.INTERNIC.NET.	43877	A	198.41.0.5
   > BLACKHOLE.ISI.EDU.	25946	A	128.9.64.26
   > 
   > ;; Total query time: 427 msec
   > ;; FROM: tools.bbnplanet.com to SERVER: blackhole.isi.edu  128.9.64.26
   > ;; WHEN: Fri Apr  3 09:39:09 1998
   > ;; MSG SIZE  sent: 37  rcvd: 158
   > 
   > tools:~#63% dig -x 172.16 any @ns2.internic.net
   > 
   > ; <<>> DiG 2.1 <<>> -x any @ns2.internic.net 
   > ; (1 server found)
   > ;; res options: init recurs defnam dnsrch
   > ;; got answer:
   > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
   > ;; flags: qr rd; Ques: 1, Ans: 4, Auth: 0, Addit: 2
   > ;; QUESTIONS:
   > ;;	16.172.in-addr.arpa, type = ANY, class = IN
   > 
   > ;; ANSWERS:
   > 16.172.in-addr.arpa.	86400	NS	NS.ISI.EDU.
   > 16.172.in-addr.arpa.	86400	NS	rs0.internic.net.
   > 16.172.in-addr.arpa.	86400	NS	ORB.ISI.EDU.
   > 16.172.in-addr.arpa.	86400	SOA	NS.ISI.EDU. bmanning.zed.ISI.EDU. (
   > 			19941005	; serial
   > 			10800	; refresh (3 hours)
   > 			900	; retry (15 mins)
   > 			604800	; expire (7 days)
   > 			86400 )	; minimum (1 day)
   > 
   > ;; ADDITIONAL RECORDS:
   > NS.ISI.EDU.	172800	A	128.9.128.127
   > rs0.internic.net.	172800	A	198.41.0.5
   > 
   > ;; Total query time: 60 msec
   > ;; FROM: tools.bbnplanet.com to SERVER: ns2.internic.net  198.41.0.11
   > ;; WHEN: Fri Apr  3 09:39:27 1998
   > ;; MSG SIZE  sent: 37  rcvd: 190
   > 
   > 
   > 
   > -- 
   > Barry Margolin, barmar at bbnplanet.com
   > GTE Internetworking, Powered by BBN, Cambridge, MA
   > 


   -- 
   --bill


-- 
Barry Margolin, barmar at bbnplanet.com
GTE Internetworking, Powered by BBN, Cambridge, MA
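
Added example, not part of the original message: a small Python check that applies the two criteria stated above (Authoritative Answer flag set, SOA record returned) to dig output in the DiG 2.x layout quoted in this thread. The function names and the HEALTHY sample are constructed for illustration; the other two samples are trimmed from the quoted responses.

```python
import re

# Trimmed from the dig output quoted in this thread (DiG 2.x layout).
BLACKHOLE = """\
;; ->>HEADER<<- opcode: QUERY , status: NOERROR, id: 12
;; flags: qr rd ra ; Ques: 1, Ans: 2, Auth: 2, Addit: 2
;; ANSWERS:
16.172.in-addr.arpa.    490877  NS      NS2.INTERNIC.NET.
16.172.in-addr.arpa.    490877  NS      BLACKHOLE.ISI.EDU.

;; AUTHORITY RECORDS:
16.172.in-addr.arpa.    490877  NS      NS2.INTERNIC.NET.
"""
NS2 = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
;; flags: qr rd; Ques: 1, Ans: 4, Auth: 0, Addit: 2
;; ANSWERS:
16.172.in-addr.arpa.    86400   NS      NS.ISI.EDU.
16.172.in-addr.arpa.    86400   SOA     NS.ISI.EDU. bmanning.zed.ISI.EDU. (
                        19941005        ; serial
"""
# Constructed sample (not from the thread): what a non-lame server would send.
HEALTHY = """\
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11
;; flags: qr aa rd; Ques: 1, Ans: 1, Auth: 0, Addit: 0
;; ANSWERS:
16.172.in-addr.arpa.    86400   SOA     ns.example. hostmaster.example. (
"""

def parse(text):
    """Return (header flags, record types in the ANSWERS section)."""
    flags, types, section = set(), [], None
    for line in text.splitlines():
        if m := re.match(r";; flags:([a-z ]*);", line):
            flags = set(m.group(1).split())
        elif m := re.match(r";; ([A-Z ]+):\s*$", line):
            section = m.group(1)           # e.g. ANSWERS, AUTHORITY RECORDS
        elif line and line[0] not in "; \t" and section == "ANSWERS":
            fields = line.split()          # name, ttl, type, rdata...
            if len(fields) >= 3 and fields[1].isdigit():
                types.append(fields[2])
    return flags, types

def lame_reasons(text):
    """Empty list means the reply passes both checks from the message."""
    flags, types = parse(text)
    reasons = []
    if "aa" not in flags:
        reasons.append("aa flag not set")
    if "SOA" not in types:
        reasons.append("no SOA in answer")
    return reasons

if __name__ == "__main__":
    for name, reply in [("blackhole", BLACKHOLE), ("ns2", NS2), ("healthy", HEALTHY)]:
        print(name, lame_reasons(reply) or "authoritative")
```

The ns2.internic.net reply shows why both checks matter: it carries an SOA record but still lacks the aa flag.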


