[dns-operations] NSATC DNS oddities last week (affecting hotmail, msn etc)

bert hubert bert.hubert at netherlabs.nl
Fri Aug 3 09:16:19 UTC 2007


Last week many people noticed something odd with the delegation of many
microsoft related domains, which point to hosts within the nsatc domain.

This was what appeared in caches:

  nsatc.net.              [very-high-ttl] IN NS  cz-1.ns.nsatc.net.

One single NS records, cz-1.ns.nsatc.net with 1 IP address,,
which did not work at that time.

Users of the PowerDNS recursor suffered a lack of service until providers
purged the nsatc.net broken NS record from the cache.

It looks like BIND however suffered no such problems, or at least for a far
briefer period of time.

My questions to this list are:

1) Did anybody else notice this happening last week, and is it known what
happened exactly?

2) It has been suggested that PowerDNS invalidate an NS record from its
cache if it is not responsive, and refetch from higher up. I recall BIND
implemented something like lowering the TTL quicker than realtime based on
query load, which would implement something like this.

Is this considered a good idea?


http://www.PowerDNS.com      Open source, database driven DNS Software 
http://netherlabs.nl              Open and Closed source services

More information about the dns-operations mailing list