[dns-operations] Odd query pattern
Florian Weimer
fweimer at bfk.de
Mon Feb 21 11:00:35 UTC 2011
* Florian Weimer:
> Most such query sequences begin with a query which receives a negative
> response (and not a delegation, which rules out a measure to add
> randomness to the query). My initial suspicion was that this is
> caused by misinterpreted RRSIG or NSEC3 records, but there is some
> data that appears to contradict this hypothesis---most zones receiving
> such queries are signed, but not all of them.
This could be a workaround for a protocol issue involving missing glue
records:
<http://www.ietf.org/mail-archive/web/dnsext/current/msg10640.html>
But this doesn't explain the repeated queries with questions
increasing in length, so it's pretty broken even for a workaround.
--
Florian Weimer <fweimer at bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
More information about the dns-operations
mailing list