h.root-servers.net returning false negatives (fwd)
marcs at znep.com
Wed Jan 13 18:01:13 UTC 1999
FYI, below is a copy of a message I sent to the appropriate people.
I guess that this time it isn't as bad since it is at least possible that
there were automated scripts that didn't detect this, since it is only
happening for certain domains.
Expect sporadic difficulties resolving names for domains that are impacted
if you happen to talk to h.root-servers.net.
---------- Forwarded message ----------
Date: Wed, 13 Jan 1999 09:58:50 -0800 (PST)
From: Marc Slemko <marcs at znep.com>
Subject: h.root-servers.net returning false negatives
for some .com domains, and possibly others.
marcs at alive:~$ dig stocksite.com ns @h.root-servers.net
; <<>> DiG 8.1 <<>> stocksite.com ns @h.root-servers.net
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 10
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUERY SECTION:
;; stocksite.com, type = NS, class = IN
;; AUTHORITY SECTION:
COM. 1D IN SOA A.ROOT-SERVERS.NET. hostmaster.INTERNIC.NET. (
1999011105 ; serial
30M ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
;; Total query time: 144 msec
;; FROM: alive.znep.com to SERVER: h.root-servers.net 220.127.116.11
;; WHEN: Wed Jan 13 09:54:54 1999
;; MSG SIZE sent: 31 rcvd: 108
Other examples include worldgate.com, znep.com, yahoo.com, etc. Not all
domains are impacted. h.root-servers.net needs to be taken down ASAP
since it is causing any queries for those domains that hit those servers
to be given a false nxdomain.
Also note that many or most of the root nameservers have a zone
file a few days out of date (as does this one...) which may or may
not be related.
More information about the NANOG