[dns-operations] Authoritative name server replies NODATA for a non-existing domain

Kabindra Shrestha kabindra at geeks.net.np
Wed Apr 22 16:47:21 UTC 2015


Yes, its due to bug:

	• Fix RCODE when secondary NSD got transfer that includes deleted wildcard record. After deletion, NSD would serve NODATA, should be NXDOMAIN (thanks Michal Kepien).

Thanks.




> On Apr 22, 2015, at 10:07 PM, Robert Edmonds <edmonds at mycre.ws> wrote:
> 
> Stephane Bortzmeyer wrote:
>> Strange behavior:
>> 
>> % for ns in $(dig +nodnssec +short NS adult.); do
>> echo $ns
>> dig @$ns NS thisdomaincertainlydoesnotexist.adult |& grep status:
>> done
>> d0.nic.adult.
>> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13433
>> c0.nic.adult.
>> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23111
>> a0.nic.adult.
>> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 3358
>> a2.nic.adult.
>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 48334
>> b2.nic.adult.
>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29932
>> b0.nic.adult.
>> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58405
> 
> Interestingly, the two servers that return NOERROR are distinguishable
> from the others using fpdns:
> 
>    fingerprint (a0.nic.adult., 199.115.152.1): No match found
>    fingerprint (a0.nic.adult., 2001:500:a0:0:0:0:0:1): No match found
>    fingerprint (a2.nic.adult., 199.115.156.1): NLnetLabs NSD 3.1.0 -- 3.2.8 [New Rules]
>    fingerprint (a2.nic.adult., 2001:500:a4:0:0:0:0:1): NLnetLabs NSD 3.1.0 -- 3.2.8 [New Rules]
>    fingerprint (b0.nic.adult., 199.115.153.1): No match found
>    fingerprint (b0.nic.adult., 2001:500:a1:0:0:0:0:1): No match found
>    fingerprint (b2.nic.adult., 199.115.157.1): NLnetLabs NSD 3.1.0 -- 3.2.8 [New Rules]
>    fingerprint (b2.nic.adult., 2001:500:a5:0:0:0:0:1): NLnetLabs NSD 3.1.0 -- 3.2.8 [New Rules]
>    fingerprint (c0.nic.adult., 199.115.154.1): No match found
>    fingerprint (c0.nic.adult., 2001:500:a2:0:0:0:0:1): No match found
>    fingerprint (d0.nic.adult., 199.115.155.1): No match found
>    fingerprint (d0.nic.adult., 2001:500:a3:0:0:0:0:1): No match found
> 
> --
> Robert Edmonds
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs

Regards,
Kabindra Shrestha

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20150422/988d0f02/attachment.sig>


More information about the dns-operations mailing list