[dns-operations] Problem with .NL authoritative server: nl1.dnsnode.net[2001:67c:1010:10::53]

Robert Edmonds edmonds at mycre.ws
Mon Aug 29 19:44:02 UTC 2016


Jaap Akkerhuis wrote:
>  Viktor Dukhovni writes:
> 
>  > <SNIP>
>  > 
>  > nothing unusual happened, but the batch that went to:
>  > 
>  >     nl1.dnsnode.net.        AAAA    2001:67c:1010:10::53
>  > 
>  > exhibited unusual behaviour, for 152 out of the ~45k (1:300) queries
>  > to that address, the response came back from the wrong IPv6 address,
>  > per the frequency table below:
>  > 
>  >   34 ;; reply from unexpected source: 2001:67c:1010:27::53#53, expected 2001:67c:1010:10::53#53
>  > etc.
> 
> nl1.dnsnode.net is an anycast server operated by Netnod. It seems that some internal addresses escaped...

It looks like they're not internal addresses, but rather additional
addresses assigned to the server.

    $ dig +short -x 2001:67c:1010:27::53
    apnic1.dnsnode.net.

    $ dig +short -x 2001:67c:1010:23::53
    y.dns.eu.

    $ dig +short -x 2001:67c:1010:7::53
    s.dns.it.

    $ dig +short -x 2001:67c:1010:11::53
    f.ext.nic.fr.

    $ dig +short -x 2001:67c:1010:2::53
    ch1.dnsnode.net.

    $ dig +short -x 2001:67c:1010:31::53
    ns1.ns.il.

    […]

I would guess some sort of misconfiguration causing the kernel to select
the wrong source address when responding.

-- 
Robert Edmonds
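
Added example, not part of the original message and not Netnod's code or configuration: one common way a UDP server bound to the wildcard address on a host with many service addresses keeps each reply on the address that was queried, using IPV6_RECVPKTINFO / IPV6_PKTINFO (RFC 3542) on Linux. The helper names, the echo handler and port 5300 are assumptions made for illustration.

```python
import ipaddress
import socket
import struct

# struct in6_pktinfo { struct in6_addr ipi6_addr; unsigned int ipi6_ifindex; }
PKTINFO = struct.Struct("16sI")


def query_destination(ancdata):
    """Return (address, ifindex) the query was sent to, from recvmsg() ancillary data."""
    for level, ctype, data in ancdata:
        if level == socket.IPPROTO_IPV6 and ctype == socket.IPV6_PKTINFO:
            raw, ifindex = PKTINFO.unpack(data[:PKTINFO.size])
            return ipaddress.IPv6Address(raw), ifindex
    return None


def reply_ancdata(ancdata):
    """Build sendmsg() ancillary data that pins the reply's source address."""
    dest = query_destination(ancdata)
    if dest is None:
        return []  # no pktinfo received: the kernel will pick the source address
    addr, ifindex = dest
    # Only link-local addresses need the interface; otherwise let routing choose.
    if not addr.is_link_local:
        ifindex = 0
    return [(socket.IPPROTO_IPV6, socket.IPV6_PKTINFO,
             PKTINFO.pack(addr.packed, ifindex))]


def open_socket(port):
    """Wildcard-bound UDP socket that asks the kernel for each query's destination."""
    sock = socket.socket(socket.AF_INET6, socket.SOCK_DGRAM)
    sock.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_V6ONLY, 1)
    sock.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_RECVPKTINFO, 1)
    sock.bind(("::", port))
    return sock


def serve_once(sock, handler):
    """Answer one datagram from the same address it was sent to."""
    query, ancdata, _flags, peer = sock.recvmsg(4096, socket.CMSG_SPACE(PKTINFO.size))
    sock.sendmsg([handler(query)], reply_ancdata(ancdata), 0, peer)


if __name__ == "__main__":
    # Constructed demo: answer a single datagram by echoing it (port is an assumption).
    serve_once(open_socket(5300), lambda q: q)
```

Without the ancillary data on `sendmsg()`, a wildcard-bound socket leaves source address selection to the kernel, and a client such as dig reports any mismatch as "reply from unexpected source".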


