[dns-operations] is there anyone from microsoft on the list?

fujiwara at jprs.co.jp fujiwara at jprs.co.jp
Thu Mar 18 03:39:37 UTC 2010

ns[1-5].msft.net configuration continues for five years or more.

I sometimes checked it because I interested this configuration.
At a certain time, ns4.msft.net answers EDNS0 queries, but then,
it was closed.

Recent full resolvers does not seem to be affected by this configuration.
(or little affected)

I want to know what problem do you have.

I believed that this problem was terrible five years ago, but it does
not affect BIND 9 full resolver. Then I thought it is unique/good example.

This configuration affects BIND 8 full resolver performance if there
are many clients which queries this ownername.


Kazunori Fujiwara, JPRS <fujiwara at jprs.co.jp>

> From: Robert Edmonds <edmonds at isc.org>
> ns[1-5].msft.net are broken; they set the TC bit on certain UDP
> responses but do not respond to TCP queries.
>     microsoft.com has address
>     microsoft.com has address
>     microsoft.com mail is handled by 10 mail.messaging.microsoft.com.
>     46.207.in-addr.arpa.    86400   IN  NS  ns1.msft.net.
>     46.207.in-addr.arpa.    86400   IN  NS  ns2.msft.net.
>     46.207.in-addr.arpa.    86400   IN  NS  ns5.msft.net.
>     46.207.in-addr.arpa.    86400   IN  NS  ns4.msft.net.
>     46.207.in-addr.arpa.    86400   IN  NS  ns3.msft.net.
>     ;; Received 142 bytes from 2001:500:31::63#53(x.arin.net) in 105 ms
>     $ dig +norec @ns1.msft.net -x
>     ;; Truncated, retrying in TCP mode.
>     ; <<>> DiG 9.7.0 <<>> +norec @ns1.msft.net -x
>     ; (1 server found)
>     ;; global options: +cmd
>     ;; connection timed out; no servers could be reached
> packet capture is attached.
> -- 
> Robert Edmonds
> edmonds at isc.org

More information about the dns-operations mailing list