[dns-operations] gov.mu inconsistency

S Moonesamy sm+mu at elandsys.com
Thu Nov 6 22:37:51 UTC 2014

Hi Casey,
At 13:48 06-11-2014, Casey Deccio wrote:
>There are clearly two versions of the zone being served by gov.mu 
>servers.  If the value of the serials is any indicator of date (as 
>it appears), then udns1.tld.mu and anycast1.irondns.net are serving 
>a version of the zone that is about ten months newer than that being 
>served by ns{1,2,3}.gov.mu (2014110646 vs. 2014010572).

The strange part (re. date) is that I got a serial of 2014010166 on 7 
October from a resolver.

>Note that udns1.tld.mu and anycast1.irondns.net are *not* in the NS 
>RRset for gov.mu (i.e., aren't explicitly designated as 
>authoritative), but they *are* authoritative for mu, and do also 
>(stealthily) answer authoritatively for gov.mu, which means that 
>your resolver will accept their answer when it queries mu for 
>something in gov.mu (although it will learn the designated NS names 
>in the authority section of the response).

Thanks for the explanation.

S. Moonesamy  

More information about the dns-operations mailing list