[dns-operations] is there anyone from microsoft on the list?

fujiwara at jprs.co.jp fujiwara at jprs.co.jp
Thu Mar 18 03:39:37 UTC 2010


ns[1-5].msft.net configuration continues for five years or more.

I sometimes checked it because I interested this configuration.
At a certain time, ns4.msft.net answers EDNS0 queries, but then,
it was closed.

Recent full resolvers does not seem to be affected by this configuration.
(or little affected)

I want to know what problem do you have.

I believed that this problem was terrible five years ago, but it does
not affect BIND 9 full resolver. Then I thought it is unique/good example.

This configuration affects BIND 8 full resolver performance if there
are many clients which queries this ownername.

Regards,

--
Kazunori Fujiwara, JPRS <fujiwara at jprs.co.jp>

> From: Robert Edmonds <edmonds at isc.org>
> ns[1-5].msft.net are broken; they set the TC bit on certain UDP
> responses but do not respond to TCP queries.
> 
>     microsoft.com has address 207.46.197.32
>     microsoft.com has address 207.46.232.182
>     microsoft.com mail is handled by 10 mail.messaging.microsoft.com.
> 
>     46.207.in-addr.arpa.    86400   IN  NS  ns1.msft.net.
>     46.207.in-addr.arpa.    86400   IN  NS  ns2.msft.net.
>     46.207.in-addr.arpa.    86400   IN  NS  ns5.msft.net.
>     46.207.in-addr.arpa.    86400   IN  NS  ns4.msft.net.
>     46.207.in-addr.arpa.    86400   IN  NS  ns3.msft.net.
>     ;; Received 142 bytes from 2001:500:31::63#53(x.arin.net) in 105 ms
> 
>     $ dig +norec @ns1.msft.net -x 207.46.197.32
>     ;; Truncated, retrying in TCP mode.
> 
>     ; <<>> DiG 9.7.0 <<>> +norec @ns1.msft.net -x 207.46.197.32
>     ; (1 server found)
>     ;; global options: +cmd
>     ;; connection timed out; no servers could be reached
> 
> packet capture is attached.
> 
> -- 
> Robert Edmonds
> edmonds at isc.org



More information about the dns-operations mailing list