[dns-operations] af.mil DNS issue

Joseph S D Yao jsdy at center.osis.gov
Sat Jul 1 02:32:36 UTC 2006

On Fri, Jun 30, 2006 at 09:07:47PM -0400, Joe Abley wrote:
> On 30-Jun-2006, at 16:07, Joseph S D Yao wrote:
> >And why should there be an A record for the domain afnoc.af.mil,  
> >anyway?
> Because it's listed as the primary server in the SOA record?

No, that's the reason the SOA record needs to be repaired.  Most people
don't fill that entry out correctly.  In fact, I deliberately put a
non-existent name in there so that my real or stealth name-servers-
containing-master-copies-of-zones won't get spammed by random dynamic
DNS "updates".  Maybe the af.mil guys are just doing the same thing.
Not a problem.

I've also seen it as ".".  I use "no-ddns.<domain>.".

> [octopus:~]% dig af.mil soa +short
> afnoc.af.mil. dnsman.afnoc.af.mil. 2006063047 3600 900 604800 2700
> [octopus:~]%
> Not that I can see why the absence of A or AAAA RRsets for  
> afnoc.af.mil should cause anything to break for people outside  
> AF.MIL, unless they want general clients in the world to send them  
> dynamic update queries (which seems somewhat unlikely :-).


Joe Yao
   This message is not an official statement of OSIS Center policies.

More information about the dns-operations mailing list