[dns-operations] Problems with whois.verisign-grs.com

Wessels, Duane dwessels at verisign.com
Fri Jun 16 19:24:40 UTC 2017 

Tony,

Thanks for letting us know about the issue.  We’re investigating further.  Our Customer Care team is tracking this issue as well and will update you when it is addressed.

DW



> On Jun 16, 2017, at 9:16 AM, Tony Finch <dot at dotat.at> wrote:
> 
> The name servers for whois.verisign-grs.com have some annoying misbehaviour.
> 
> They do not permit queries over TCP, and they sometimes respond
> with truncated queries over UDP, specifically, when you query for
> whois.verisign-grs.com AAAA with an EDNS cookie and an EDNS buffer
> size of 526 bytes or less.
> 
> If you query with an EDNS buffer size betwee 527 and 673 inclusive, you
> get a curious response listing 17 addresses.
> 
> If you query with an EDNS buffer size of 674 or more, you get a more
> normal response with 1 answer and a filled in authority section. This
> response is less than 512 bytes.
> 
> The same thing happens when querying over IPv6 and IPv4.
> 
> Without cookies the servers return a small response with just one record
> in the answer section.
> 
> This misbehaviour causes problems with recent versions of BIND which
> support EDNS cookies and start off with an EDNS buffer size of 512.
> 
> 
> ; <<>> DiG 9.12.0-dev <<>> +bufsize=526 +qr +ignore +norec +noad whois.verisign-grs.com AAAA @whoisns1.nstld.net.
> ;; global options: +cmd
> ;; Sending:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27842
> ;; flags:; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 526
> ; COOKIE: aaaed3db1772f7b1
> ;; QUESTION SECTION:
> ;whois.verisign-grs.com.                IN      AAAA
> 
> ;; QUERY SIZE: 63
> 
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27842
> ;; flags: qr aa tc; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ;; QUESTION SECTION:
> ;whois.verisign-grs.com.                IN      AAAA
> 
> ;; Query time: 112 msec
> ;; SERVER: 2001:503:ff39:10ff::206#53(2001:503:ff39:10ff::206)
> ;; WHEN: Fri Jun 16 16:55:06 BST 2017
> ;; MSG SIZE  rcvd: 51
> 
> 
> ; <<>> DiG 9.12.0-dev <<>> +bufsize=673 +qr +ignore +norec +noad whois.verisign-grs.com AAAA @whoisns1.nstld.net.
> ;; global options: +cmd
> ;; Sending:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24404
> ;; flags:; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 673
> ; COOKIE: b894234a4ab01aae
> ;; QUESTION SECTION:
> ;whois.verisign-grs.com.                IN      AAAA
> 
> ;; QUERY SIZE: 63
> 
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24404
> ;; flags: qr aa tc; QUERY: 1, ANSWER: 17, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ;; QUESTION SECTION:
> ;whois.verisign-grs.com.                IN      AAAA
> 
> ;; ANSWER SECTION:
> whois.verisign-grs.com. 1       IN      AAAA    2001:500:ed30:1000::74
> whois.verisign-grs.com. 1       IN      AAAA    2001:501:8a29:1000::74
> whois.verisign-grs.com. 1       IN      AAAA    2001:502:8c25:1000::74
> whois.verisign-grs.com. 1       IN      AAAA    2001:502:be98:1000::74
> whois.verisign-grs.com. 1       IN      AAAA    2001:503:3227:1000::74
> whois.verisign-grs.com. 1       IN      AAAA    2001:503:4872:1000::74
> whois.verisign-grs.com. 1       IN      AAAA    2001:503:5419:1000::74
> whois.verisign-grs.com. 1       IN      AAAA    2001:503:5ae2:1000::74
> whois.verisign-grs.com. 1       IN      AAAA    2001:503:6810:1000::74
> whois.verisign-grs.com. 1       IN      AAAA    2001:503:7bbf:1000::74
> whois.verisign-grs.com. 1       IN      AAAA    2001:503:91ef:1000::74
> whois.verisign-grs.com. 1       IN      AAAA    2001:503:bfb0:1000::74
> whois.verisign-grs.com. 1       IN      AAAA    2001:503:e8ef:1000::74
> whois.verisign-grs.com. 1       IN      AAAA    2001:503:f189:1000::74
> whois.verisign-grs.com. 1       IN      AAAA    2001:503:f3da:1000::74
> whois.verisign-grs.com. 1       IN      AAAA    2001:503:ff39:1000::74
> whois.verisign-grs.com. 1       IN      AAAA    2001:500:30ff:1000::74
> 
> ;; Query time: 112 msec
> ;; SERVER: 2001:503:ff39:10ff::206#53(2001:503:ff39:10ff::206)
> ;; WHEN: Fri Jun 16 16:57:11 BST 2017
> ;; MSG SIZE  rcvd: 527
> 
> 
> ; <<>> DiG 9.12.0-dev <<>> +bufsize=674 +qr +ignore +norec +noad whois.verisign-grs.com AAAA @whoisns1.nstld.net.
> ;; global options: +cmd
> ;; Sending:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8511
> ;; flags:; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 674
> ; COOKIE: 0883b0701c0e3520
> ;; QUESTION SECTION:
> ;whois.verisign-grs.com.                IN      AAAA
> 
> ;; QUERY SIZE: 63
> 
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8511
> ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 6, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ;; QUESTION SECTION:
> ;whois.verisign-grs.com.                IN      AAAA
> 
> ;; ANSWER SECTION:
> whois.verisign-grs.com. 30      IN      AAAA    2001:503:f189:1000::74
> 
> ;; AUTHORITY SECTION:
> whois.verisign-grs.com. 500     IN      NS      whoisns4.nstld.net.
> whois.verisign-grs.com. 500     IN      NS      whoisns2.nstld.net.
> whois.verisign-grs.com. 500     IN      NS      whoisns5.nstld.net.
> whois.verisign-grs.com. 500     IN      NS      whoisns3.nstld.net.
> whois.verisign-grs.com. 500     IN      NS      whoisns6.nstld.net.
> whois.verisign-grs.com. 500     IN      NS      whoisns1.nstld.net.
> 
> ;; Query time: 113 msec
> ;; SERVER: 2001:503:ff39:10ff::206#53(2001:503:ff39:10ff::206)
> ;; WHEN: Fri Jun 16 16:59:03 BST 2017
> ;; MSG SIZE  rcvd: 226
> 
> 
> ; <<>> DiG 9.12.0-dev <<>> +nocookie +bufsize=512 +qr +ignore +norec +noad whois.verisign-grs.com AAAA @whoisns1.nstld.net.
> ;; global options: +cmd
> ;; Sending:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63023
> ;; flags:; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 512
> ;; QUESTION SECTION:
> ;whois.verisign-grs.com.                IN      AAAA
> 
> ;; QUERY SIZE: 51
> 
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63023
> ;; flags: qr aa; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 512
> ;; QUESTION SECTION:
> ;whois.verisign-grs.com.                IN      AAAA
> 
> ;; ANSWER SECTION:
> whois.verisign-grs.com. 30      IN      AAAA    2001:500:30ff:1000::74
> 
> ;; Query time: 112 msec
> ;; SERVER: 2001:503:ff39:10ff::206#53(2001:503:ff39:10ff::206)
> ;; WHEN: Fri Jun 16 17:04:21 BST 2017
> ;; MSG SIZE  rcvd: 79
> 
> 
> Tony.
> -- 
> f.anthony.n.finch  <dot at dotat.at>  http://dotat.at/  -  I xn--zr8h punycode
> Fisher, German Bight: Northwest 5 to 7, occasionally gale 8 at first in
> Fisher, backing west 4 or 5 later. Moderate, occasionally rough in east
> Fisher. Fair. Good.
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-operations mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations

More information about the dns-operations mailing list