[dns-operations] zazinet.net Odd Behavior

Mark Andrews marka at isc.org
Mon Jun 6 01:45:09 UTC 2011 

There are two problems here.

1. name-services.com are running nameservers which accept a CNAME at the
   top of zone in contradiction of RFC 1035.  This leads to operational
   problems as pointed out in RFC 1035.
2. Having a CNAME pointing to itself creates a infinite loop.  This is
   not good but recursive servers are expected to handle it.

Mark

In message <4DEAD848.1010105 at baylor.edu>, RL Vaughn writes:
> Ran into this domain the other day when a dig to my Airport Extreme
> turned out this:
> dig @192.168.1.1 zazinet.net
> 
> ; <<>> DiG 9.6.0-APPLE-P2 <<>> @192.168.1.1 zazinet.net
> ; (1 server found)
> ;; global options: +cmd
> ;; connection timed out; no servers could be reached
> ##
> 
> Turns out the Airport Extreme takes about 23 seconds but eventually
> responds SERVFAIL to this domain.
> 
> dig to BIND running on more powerful equipment yields SERVFAIL
> fairly quickly.
> 
> ## dig @149.20.64.20 zazinet.net
> 
> ; <<>> DiG 9.6.0-APPLE-P2 <<>> @149.20.64.20 zazinet.net
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 49597
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
> 
> ;; QUESTION SECTION:
> ;zazinet.net.			IN	A
> 
> ;; Query time: 2571 msec
> 
> 
> 
> OTOH, dig to  a server (Microsoft) over in @dayjob gives me something
> entirely unexpected:
> 
> ; <<>> DiG 9.6.0-APPLE-P2 <<>> zazinet.net
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34948
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 20, AUTHORITY: 0, ADDITIONAL: 0
> 
> ;; QUESTION SECTION:
> ;zazinet.net.         IN   A
> 
> ;; ANSWER SECTION:
> zazinet.net.      1798   IN   CNAME   zazinet.net.
> zazinet.net.      1798   IN   CNAME   zazinet.net.
> zazinet.net.      1798   IN   CNAME   zazinet.net.
> zazinet.net.      1798   IN   CNAME   zazinet.net.
> zazinet.net.      1798   IN   CNAME   zazinet.net.
> zazinet.net.      1798   IN   CNAME   zazinet.net.
> zazinet.net.      1798   IN   CNAME   zazinet.net.
> zazinet.net.      1798   IN   CNAME   zazinet.net.
> zazinet.net.      1798   IN   CNAME   zazinet.net.
> 
> ...
> ;; Query time: 1877 msec
> 
> 
> I guess this is a well-known configuration no-no. 'twas news
> to me.  If, however, this is real news, such behavior should
> most-likely be sternly 'ex-couraged';)
> 
> Randy
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org

More information about the dns-operations mailing list