[dns-operations] Problem with .NL authoritative server: nl1.dnsnode.net[2001:67c:1010:10::53]
Robert Edmonds
edmonds at mycre.ws
Mon Aug 29 19:44:02 UTC 2016
Jaap Akkerhuis wrote:
> Viktor Dukhovni writes:
>
> > <SNIP>
> >
> > nothing unusual happened, but the batch that went to:
> >
> > nl1.dnsnode.net. AAAA 2001:67c:1010:10::53
> >
> > exhibited unusual behaviour, for 152 out of the ~45k (1:300) queries
> > to that address, the response came back from the wrong IPv6 address,
> > per the frequency table below:
> >
> > 34 ;; reply from unexpected source: 2001:67c:1010:27::53#53, expected 2001:67c:1010:10::53#53
> > etc.
>
> nl1.dnsnode.net is an anycast server operated but netnod. It seems that some internal addresses escaped...
It looks like they're not internal addresses, but rather additional
addresses assigned to the server.
$ dig +short -x 2001:67c:1010:27::53
apnic1.dnsnode.net.
$ dig +short -x 2001:67c:1010:23::53
y.dns.eu.
$ dig +short -x 2001:67c:1010:7::53
s.dns.it.
$ dig +short -x 2001:67c:1010:11::53
f.ext.nic.fr.
$ dig +short -x 2001:67c:1010:2::53
ch1.dnsnode.net.
$ dig +short -x 2001:67c:1010:31::53
ns1.ns.il.
[…]
I would guess some sort of misconfiguration causing the kernel to select
the wrong source address when responding.
--
Robert Edmonds
More information about the dns-operations
mailing list