incorrect NXDOMAIN response from DNS server

Jun-ichiro itojun Hagino itojun at itojun.org
Thu Apr 25 02:30:27 UTC 2002


	the issue was originally raised on 6bone at isi.edu.

	there are name server implementations (probably load balancing product)
	that responds with NXDOMAIN, when it should respond with NOERROR with
	empty reply.  one example is news.bbc.co.uk.  this symptom not only
	confuse IPv6-ready client resolvers, but also has bad effect against
	negative caching and email delivery (if MX is responded with NODOMAIN).

	do you know:
	- name of particular implementation which have/had this bug?
	- other examples of nameservers that behave like this?
	  (windowsupdate.microsoft.com behaved like this in Feb 2002, but
	  they are already fixed)
	- how can we get people to fix it?  (client side workaround should
	  not be populated, just to be sure)

itojun


% dig news.bbc.co.uk. aaaa

; <<>> DiG 9.1.2 <<>> news.bbc.co.uk. aaaa
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60945
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;news.bbc.co.uk.			IN	AAAA

;; ANSWER SECTION:
news.bbc.co.uk.		1770	IN	CNAME	newswww.bbc.net.uk.

;; Query time: 2362 msec
;; SERVER: 127.0.0.1#53(0.0.0.0)
;; WHEN: Thu Apr 25 11:25:45 2002
;; MSG SIZE  rcvd: 62

% dig news.bbc.co.uk. a

; <<>> DiG 9.1.2 <<>> news.bbc.co.uk. a
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 11225
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;news.bbc.co.uk.			IN	A

;; ANSWER SECTION:
news.bbc.co.uk.		1761	IN	CNAME	newswww.bbc.net.uk.
newswww.bbc.net.uk.	300	IN	A	212.58.240.33

;; AUTHORITY SECTION:
bbc.net.uk.		14360	IN	NS	ns0.thny.bbc.co.uk.
bbc.net.uk.		14360	IN	NS	ns0.thdo.bbc.co.uk.

;; ADDITIONAL SECTION:
ns0.thdo.bbc.co.uk.	6362	IN	A	212.58.224.20
ns0.thny.bbc.co.uk.	6362	IN	A	38.160.150.20

;; Query time: 2341 msec
;; SERVER: 127.0.0.1#53(0.0.0.0)
;; WHEN: Thu Apr 25 11:25:53 2002
;; MSG SIZE  rcvd: 156

-------------- next part --------------
An embedded message was scrubbed...
From: Nathan Lutchansky <lutchann-ipv6users at litech.org>
Subject: Broken DNS prevents IPv6 deployment
Date: Wed, 17 Apr 2002 11:02:15 -0400
Size: 3391
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20020425/4348733e/attachment.mht>


More information about the NANOG mailing list