Verisign broke GTLDs again?
Michael Tokarev
mjt at tls.msk.ru
Mon May 16 10:46:49 UTC 2005
Noticied today. All Verisign's GTLD servers broke
EDNS0 (RFC2671). Here's how it looks like:
query:
$ dnsget -t mx -vv microsoft.net. -n 192.5.6.30
;; trying microsoft.net.
;; sending 42 bytes query to 192.5.6.30 port 53
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64471, size: 42
;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; QUERY SECTION (1):
;microsoft.net. IN MX
;; ADDITIONAL section (1):
;EDNS0 OPT record (UDPsize: 4096): 0 bytes
Note the EDNS0 stuff (numar=1). And here's the reply to this query:
;; received 12 bytes response from 192.5.6.30 port 53
;; unexpected number of entries in QUERY section: 0
;; ->>HEADER<<- opcode: QUERY, status: FORMERR, id: 64471, size: 12
;; flags: qr rd; QUERY: 0, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION (0):
; invalid query section
They're returning FORMERR (which is wrong), *and* don't return the
original query (numqd=0).
Without EDNS0 extensions, it works like expected.
/mjt
More information about the NANOG
mailing list