fwd: Re: [registrars] Re: panix.com hijacked
twofsonet at graffiti.com
Sun Jan 16 18:40:06 UTC 2005
On Sun, Jan 16, 2005 at 07:21:55PM +0100, Daniel Karrenberg wrote:
>On 16.01 12:46, William Allen Simpson wrote:
>> >------- Forwarded Message
>> >From: "Ross Wm. Rader" <ross at tucows.com>
>> >I don't see what you are looking at - .net and .com point to the same
>> >place with no indication of anything awry...of course, I'm late to the
>> >game and the DNS probably tells a different story...
>> This fellow is pretty confused, as from here (Michigan via Merit) the
>> DNS has pointed to different places since yesterday.
>A quick survey of some caching servers in my neighborhood reveals that
>some of them return "old/correct" A RRs for panix.com at this time.
presumably they have cached ns records from before the switch in the
com tld zone.
>Following the DNS delegation chain from the root name servers provides
>"new/hijacked" answers at this time. So I assume some operators of caching
>servers now choose to provide data that is inconsistent with the
>authoritative data in the DNS tree. So depending on where you ask, your
>answer may vary.
they're not choosing to do so, they're probably operating ~normally.
try asking them for the ns records for panix.com. the age should give
you an idea of how long ago they were fetched from *.gtld-servers.net.
they probably got them before the switch, they'll time out soon
enough, and then they'll restart from the "wrong" servers.
|-----< "CODE WARRIOR" >-----|
codewarrior at daemon.org * "ah! i see you have the internet
twofsonet at graffiti.com (Andrew Brown) that goes *ping*!"
werdna at squooshy.com * "information is power -- share the wealth."
More information about the NANOG