[dns-operations] Authoritative name server replies NODATA for a non-existing domain
Robert Edmonds
edmonds at mycre.ws
Wed Apr 22 16:22:59 UTC 2015
Stephane Bortzmeyer wrote:
> Strange behavior:
>
> % for ns in $(dig +nodnssec +short NS adult.); do
> echo $ns
> dig @$ns NS thisdomaincertainlydoesnotexist.adult |& grep status:
> done
> d0.nic.adult.
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13433
> c0.nic.adult.
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23111
> a0.nic.adult.
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3358
> a2.nic.adult.
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48334
> b2.nic.adult.
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29932
> b0.nic.adult.
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58405
Interestingly, the two servers that return NOERROR are distinguishable
from the others using fpdns:
fingerprint (a0.nic.adult., 199.115.152.1): No match found
fingerprint (a0.nic.adult., 2001:500:a0:0:0:0:0:1): No match found
fingerprint (a2.nic.adult., 199.115.156.1): NLnetLabs NSD 3.1.0 -- 3.2.8 [New Rules]
fingerprint (a2.nic.adult., 2001:500:a4:0:0:0:0:1): NLnetLabs NSD 3.1.0 -- 3.2.8 [New Rules]
fingerprint (b0.nic.adult., 199.115.153.1): No match found
fingerprint (b0.nic.adult., 2001:500:a1:0:0:0:0:1): No match found
fingerprint (b2.nic.adult., 199.115.157.1): NLnetLabs NSD 3.1.0 -- 3.2.8 [New Rules]
fingerprint (b2.nic.adult., 2001:500:a5:0:0:0:0:1): NLnetLabs NSD 3.1.0 -- 3.2.8 [New Rules]
fingerprint (c0.nic.adult., 199.115.154.1): No match found
fingerprint (c0.nic.adult., 2001:500:a2:0:0:0:0:1): No match found
fingerprint (d0.nic.adult., 199.115.155.1): No match found
fingerprint (d0.nic.adult., 2001:500:a3:0:0:0:0:1): No match found
--
Robert Edmonds
More information about the dns-operations
mailing list