[dns-operations] *.a.0.0.1.0.a.2.ip6.arpa SERVFAIL's on tinnie.arin.net

Jeroen Massar jeroen at unfix.org
Fri Mar 23 00:41:47 UTC 2007


Hi,

From a "dig +trace a.0.0.1.0.a.2.ip6.arpa." we learn:
8<---------------------------------------------------------------
0.a.2.ip6.arpa.         84600   IN      NS      ns.lacnic.net.
0.a.2.ip6.arpa.         84600   IN      NS      sec1.apnic.net.
0.a.2.ip6.arpa.         84600   IN      NS      sec3.apnic.net.
0.a.2.ip6.arpa.         84600   IN      NS      ns-pri.ripe.net.
0.a.2.ip6.arpa.         84600   IN      NS      tinnie.arin.net.
;; Received 299 bytes from 192.0.34.126#53(ns.icann.org) in 171 ms
--------------------------------------------------------------->8
[*snick* ns.icann.org isn't v6 enabled :( the rest are btw... ]

8<---------------------------------------------------------------
jeroen at purgatory:~$ dig +nostats +nocmd @tinnie.arin.net
1.0.8.a.0.0.1.0.a.2.ip6.arpa. ns
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 7905
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;1.0.8.a.0.0.1.0.a.2.ip6.arpa.  IN      NS
--------------------------------------------------------------->8

Works when asking RIPE (and ns.lacnic.net + sec[1|3]apnic) :
8<---------------------------------------------------------------
jeroen at purgatory:~$ dig +nocomments +nostats +nocmd @ns-pri.ripe.net.
1.0.8.a.0.0.1.0.a.2.ip6.arpa. ns
;1.0.8.a.0.0.1.0.a.2.ip6.arpa.  IN      NS
0.8.a.0.0.1.0.a.2.ip6.arpa. 172800 IN   NS      ns.blacknightsolutions.com.
0.8.a.0.0.1.0.a.2.ip6.arpa. 172800 IN   NS      ns2.blacknightsolutions.com.
--------------------------------------------------------------->8

The box is not completely b0rked though as it serves others fine:

7.0.1.0.0.2.ip6.arpa works:
8<---------------------------------------------------------------
jeroen at purgatory:~$ dig +nocomments +nostats +nocmd @tinnie.arin.net
7.0.1.0.0.2.ip6.arpa. soa
[..8 authority + 5 additionals..]
--------------------------------------------------------------->8

Can somebody have a look at this as it is causing intermittent reverse
resolution problems with a probability of 1/5 boxes, which then get
cached which makes it a nice find why your reverse is sometimes broken,
then works again and then breaks again.... ;)

Greets,
 Jeroen

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 311 bytes
Desc: OpenPGP digital signature
Url : http://lists.oarci.net/pipermail/dns-operations/attachments/20070323/91c2309c/attachment.bin 


More information about the dns-operations mailing list