[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
.mil nameserver problems?
In message <589775371002161915h513bd247wcc4776856ed4487a at mail.gmail.com>, David
Ulevitch writes:
> On Tue, Feb 16, 2010 at 6:55 PM, Antonio Querubin <tony at lava.net> wrote:
> > Anyone else noticing an increase in .mil nameserver problems today? Our
> > resolvers aren't able to find NS info for various .mil domains such as
> > pacom.mil and usfj.mil.
> >
> > % dig +trace pacom.mil
> >
>
> Actually, a number of the .mil zones are exceptionally broken, and
> pacom.mil is no exception. :-)
>
> The .mil TLD servers seem to have loaded the entire zones and are
> serving borked zones as a result. For example, ask the TLD about
> www.pacom.mil:
No. Just a failure to seperate authoritative and recursive functionality.
You can workout how many servers there are by looking at the TTL decays.
> $ dig @PAC1.NIPR.mil. www.pacom.mil
>
> ; <<>> DiG 9.4.3-P3 <<>> @PAC1.NIPR.mil. www.pacom.mil
> ; (1 server found)
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35118
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;www.pacom.mil. IN A
>
> ;; ANSWER SECTION:
> www.pacom.mil. 1722 IN CNAME www.pacom.mil.edgesuite
> .net.
> www.pacom.mil.edgesuite.net. 401 IN CNAME a1112.g.akamai.net.
> a1112.g.akamai.net. 20 IN A 209.107.205.160
> a1112.g.akamai.net. 20 IN A 209.107.205.88
>
> ;; Query time: 234 msec
> ;; SERVER: 199.252.180.234#53(199.252.180.234)
> ;; WHEN: Tue Feb 16 19:14:13 2010
> ;; MSG SIZE rcvd: 133
>
> And if you ask for an NS record for pacom.mil, it'll give you that,
> but without an additional section despite having the answers, because
> it thinks it is the authoritative for that zone (I'm guessing that
> explains the behavior but don't know their software).
>
> -David
>
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org