Problem with IANA blackhole servers

Sebastian Wiesinger nanog at tracker.fire-world.de
Tue Mar 28 19:13:51 UTC 2006


Hello,

I'm having a problem with the IANA blackhole DNS-Servers resolving
RFC1918 IPs.

Normally I'm getting a NXDOMAIN reply and this is reported back to the
client.

With one resolver we're getting SERVFAIL for every query instead
of NXDOMAIN.

Example:

Resolver 1 (working):

# dig @192.175.48.42 1.1.168.192.in-addr.arpa PTR

; <<>> DiG 9.2.1 <<>> @192.175.48.42 1.1.168.192.in-addr.arpa PTR
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 50669
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;1.1.168.192.in-addr.arpa.      IN      PTR

;; AUTHORITY SECTION:
168.192.in-addr.arpa.   300     IN      SOA     prisoner.iana.org. hostmaster.root-servers.org. 2004051800 1800 900 604800 300

;; Query time: 11 msec
;; SERVER: 192.175.48.42#53(192.175.48.42)
;; WHEN: Tue Mar 28 13:29:57 2006
;; MSG SIZE  rcvd: 119



Resolver 2 (failing):

# dig @192.175.48.42 1.1.168.192.in-addr.arpa PTR

; <<>> DiG 9.2.1 <<>> @192.175.48.42 1.1.168.192.in-addr.arpa PTR
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 62187
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;1.1.168.192.in-addr.arpa.      IN      PTR

;; Query time: 16 msec
;; SERVER: 192.175.48.42#53(192.175.48.42)
;; WHEN: Tue Mar 28 13:21:02 2006
;; MSG SIZE  rcvd: 42


So every request to resolve RFC1918 IPs with resolver #2 times out and
takes a long time to finish.

I think the reason is one of the anycast servers acting abnormal. A
trace from resolver 2 points to p80.net as provider:

[..]
 4  ge0-0-pr1.AMS.router.colt.net (212.74.66.146)  14.100 ms  14.122 ms  14.096 ms
 5  cr1.nl.p80.net (195.69.145.52)  14.839 ms  14.731 ms  14.123 ms
 6  blackhole-2.iana.org (192.175.48.42)  14.703 ms  15.020 ms  14.861 ms

Perhaps someone on this list has a shortcut to get the server back to
normal again?

Regards,

Sebastian

-- 
GPG Key-ID: 0x76B79F20 (0x1B6034F476B79F20)
Wehret den Anfaengen: http://odem.org/informationsfreiheit/
'Are you Death?' ... IT'S THE SCYTHE, ISN'T IT? PEOPLE ALWAYS NOTICE THE SCYTHE.
            -- Terry Pratchett, The Fifth Elephant



More information about the NANOG mailing list