[dns-operations] does anybody know why yahoo+akamai are doing this?

Niall O'Reilly Niall.oReilly at ucd.ie
Sun Mar 19 11:35:50 UTC 2006


On 19 Mar 2006, at 10:10, Peter Dambier wrote:

> ; <<>> DiG 9.1.3 <<>> -t any www.microsoft.com
> ;; global options:  printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33270
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;www.microsoft.com.             IN      ANY
>
> ;; ANSWER SECTION:
> www.microsoft.com.      3600    IN      CNAME    
> toggle.www.ms.akadns.net.
> toggle.www.ms.akadns.net. 300   IN      CNAME   g.www.ms.akadns.net.
>
> ;; Query time: 1250 msec
> ;; SERVER: 192.168.208.228#53(192.168.208.228)
> ;; WHEN: Sun Mar 19 10:49:27 2006
> ;; MSG SIZE  rcvd: 89

With respect, I really wonder what the point of this example is.

All it shows is that a caching resolver on a private network has
somehow gotten junk in its cache, and is prepared to serve it out.
It can be inferred, but not with certainty, that this cached data
is derived from a non-conformant answer (or series of such answers)
from one or more authoritative servers, officially advertised for
the relevant zone.

Showing the response from such a delinquent authoritative server
would concretely demonstrate and localize the problem suggested by
the example.

Why leave the real work as an exercise for the reader?





More information about the dns-operations mailing list