[dns-operations] qwest EDNS implementation error
Mark Andrews
marka at isc.org
Tue Jul 11 10:56:20 UTC 2017
Qwest were informed years ago about this. They don't seem to want
to fix their servers.
See https://ednscomp.isc.org/compliance/gov-full-report.html#eo
Mark
In message <alpine.DEB.2.11.1707111128440.23731 at grey.csi.cam.ac.uk>, Tony Finch
writes:
> We received a failure report about DNS resolution failures with bea.gov.
> This is due to the qwest secondary authoritative DNS servers failing to
> handle unknown EDNS options correctly.
>
> $ dig +noall +authority ns bea.gov. @a.gov-servers.net.
> bea.gov. 86400 IN NS sauthns1.qwest.net.
> bea.gov. 86400 IN NS sauthns2.qwest.net.
>
> $ dig ns bea.gov. @sauthns1.qwest.net. | grep status
> ;; ->>HEADER<<- opcode: QUERY, status: BADVERS, id: 64086
>
> $ dig +nocookie ns bea.gov. @sauthns1.qwest.net. | grep status
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42545
>
> authns1.qwest.net and authns2.qwest.net (the authoritative nameservers
> for qwest.net) work correctly.
>
> sauthns1.qwest.net and sauthns2.qwest.net (the authoritative nameservers
> for bea.gov) are buggy.
>
> Tony.
> --
> f.anthony.n.finch <dot at dotat.at> http://dotat.at/ - I xn--zr8h punycode
> Humber: Cyclonic becoming north 4 or 5, increasing 6 at times. Slight or
> moderate, occasionally smooth at first. Rain at times. Moderate or good.
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-operations mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the dns-operations
mailing list