[dns-operations] Problem with .NL authoritative server: nl1.dnsnode.net[2001:67c:1010:10::53]

Viktor Dukhovni ietf-dane at dukhovni.org
Mon Aug 29 17:55:19 UTC 2016 

The authoritative nameservers for .nl are at present:

    nl1.dnsnode.net.        A       194.146.106.42
    nl1.dnsnode.net.        AAAA    2001:67c:1010:10::53
    ns-nl.nic.fr.           A       192.93.0.4
    ns-nl.nic.fr.           AAAA    2001:660:3005:1::1:2
    ns1.dns.nl.             A       193.176.144.5
    ns1.dns.nl.             AAAA    2a00:d78:0:102:193:176:144:5
    ns2.dns.nl.             A       213.154.241.85
    ns2.dns.nl.             AAAA    2001:7b8:606::85
    ns3.dns.nl.             A       194.171.17.10
    ns3.dns.nl.             AAAA    2001:610:0:800d::10
    ns4.dns.nl.             A       95.142.99.212
    ns4.dns.nl.             AAAA    2a00:1188:5::212
    ns5.dns.nl.             A       194.0.28.53
    ns5.dns.nl.             AAAA    2001:678:2c:0:194:0:28:53
    sns-pb.isc.org.         A       192.5.4.1
    sns-pb.isc.org.         AAAA    2001:500:2e::1

When pruning a list of ~700k 2LD .NL domains to just those that
have DS records, I split the batch into 16 ~equal pieces and sent
each batch to one of the 16 IP addresses above.  For 15 of the batches
nothing unusual happened, but the batch that went to:

    nl1.dnsnode.net.        AAAA    2001:67c:1010:10::53

exhibited unusual behaviour, for 152 out of the ~45k (1:300) queries
to that address, the response came back from the wrong IPv6 address,
per the frequency table below:

  34 ;; reply from unexpected source: 2001:67c:1010:27::53#53, expected 2001:67c:1010:10::53#53
  25 ;; reply from unexpected source: 2001:67c:1010:23::53#53, expected 2001:67c:1010:10::53#53
  21 ;; reply from unexpected source: 2001:67c:1010:7::53#53, expected 2001:67c:1010:10::53#53
  21 ;; reply from unexpected source: 2001:67c:1010:11::53#53, expected 2001:67c:1010:10::53#53
  16 ;; reply from unexpected source: 2001:67c:1010:2::53#53, expected 2001:67c:1010:10::53#53
   8 ;; reply from unexpected source: 2001:67c:1010:31::53#53, expected 2001:67c:1010:10::53#53
   7 ;; reply from unexpected source: 2001:67c:1010:5::53#53, expected 2001:67c:1010:10::53#53
   4 ;; reply from unexpected source: 2001:67c:1010:18::53#53, expected 2001:67c:1010:10::53#53
   3 ;; reply from unexpected source: 2001:67c:1010:6::53#53, expected 2001:67c:1010:10::53#53
   3 ;; reply from unexpected source: 2001:67c:1010:28::53#53, expected 2001:67c:1010:10::53#53
   2 ;; reply from unexpected source: 2001:67c:1010:12::53#53, expected 2001:67c:1010:10::53#53
   1 ;; reply from unexpected source: 2001:67c:1010:8::53#53, expected 2001:67c:1010:10::53#53
   1 ;; reply from unexpected source: 2001:67c:1010:29::53#53, expected 2001:67c:1010:10::53#53
   1 ;; reply from unexpected source: 2001:67c:1010:19::53#53, expected 2001:67c:1010:10::53#53
   1 ;; reply from unexpected source: 2001:67c:1010:17::53#53, expected 2001:67c:1010:10::53#53
   1 ;; reply from unexpected source: 2001:67c:1010:16::53#53, expected 2001:67c:1010:10::53#53
   1 ;; reply from unexpected source: 2001:67c:1010:15::53#53, expected 2001:67c:1010:10::53#53
   1 ;; reply from unexpected source: 2001:67c:1010:14::53#53, expected 2001:67c:1010:10::53#53
   1 ;; reply from unexpected source: 2001:67c:1010:13::53#53, expected 2001:67c:1010:10::53#53

Is anyone else seeing this?

-- 
	Viktor.

More information about the dns-operations mailing list