[dns-operations] A interesting result to a AAAA query

Roy Arends roy at dnss.ec
Tue Nov 17 13:09:47 UTC 2009 

On Nov 17, 2009, at 1:49 PM, Edward Lewis wrote:

> At 15:36 +1100 11/17/09, Mark Andrews wrote:
>> ; <<>> DiG 9.3.6-P1 <<>> toggle.www.ms.akadns.net aaaa +trace
> ...
>> toggle.www.ms.akadns.net. 300	IN	CNAME	g.www.ms.akadns.net.
>> g.www.ms.akadns.net.	300	IN	CNAME	lb1.www.ms.akadns.net.
>> lb1.www.ms.akadns.net.	300	IN	A	64.4.31.252
>> lb1.www.ms.akadns.net.	300	IN	A	207.46.19.190
>> lb1.www.ms.akadns.net.	300	IN	A	207.46.19.254
>> ;; Received 124 bytes from 220.73.220.4#53(asia9.akadns.net) in 400 ms
> 
> What is dig doing?  Are you sure it isn't asking for an A record?

Dig +trace is asking for AAAA.

> If you drop the +trace option and "dig toggle.www.ms.akadns.net aaaa" the response is "normal."  No error and an answer section of just two CNAME records.

You're likely talking to a resolver then.

> If you ask for A records, you get A records in addition to the CNAME records.

; <<>> DiG 9.6.0-APPLE-P2 <<>> +qr +norec @220.73.220.4 toggle.www.ms.akadns.net aaaa
; (1 server found)
;; global options: +cmd
;; Sending:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47180
;; flags:; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;toggle.www.ms.akadns.net.	IN	AAAA

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47180
;; flags: qr aa; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;toggle.www.ms.akadns.net.	IN	AAAA

;; ANSWER SECTION:
toggle.www.ms.akadns.net. 300	IN	CNAME	g.www.ms.akadns.net.
g.www.ms.akadns.net.	300	IN	CNAME	lb1.www.ms.akadns.net.
lb1.www.ms.akadns.net.	300	IN	A	207.46.19.190
lb1.www.ms.akadns.net.	300	IN	A	64.4.31.252
lb1.www.ms.akadns.net.	300	IN	A	207.46.19.254

;; Query time: 494 msec
;; SERVER: 220.73.220.4#53(220.73.220.4)
;; WHEN: Tue Nov 17 13:58:29 2009
;; MSG SIZE  rcvd: 124

A modern resolver will scrub the spurious A records, as they don't match type, and will subsequently query for:

dig +qr +norec @220.73.220.4 lb1.www.ms.akadns.net AAAA

; <<>> DiG 9.6.0-APPLE-P2 <<>> +qr +norec @220.73.220.4 lb1.www.ms.akadns.net AAAA
; (1 server found)
;; global options: +cmd
;; Sending:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10811
;; flags:; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;lb1.www.ms.akadns.net.		IN	AAAA

;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10811
;; flags: qr aa; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;lb1.www.ms.akadns.net.		IN	AAAA

;; AUTHORITY SECTION:
akadns.net.		180	IN	SOA	internal.akadns.net. hostmaster.akamai.com. 1258463202 90000 90000 90000 180

;; Query time: 351 msec
;; SERVER: 220.73.220.4#53(220.73.220.4)
;; WHEN: Tue Nov 17 14:06:42 2009
;; MSG SIZE  rcvd: 105

which is a nodata response, which is what you'd likely have seen.


Roy






> 
> Nothing surprising...
> -- 
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> Edward Lewis
> NeuStar                    You can leave a voice message at +1-571-434-5468
> 
> As with IPv6, the problem with the deployment of frictionless surfaces is
> that they're not getting traction.
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
>

More information about the dns-operations mailing list