[dns-operations] The last remaining DNS header flag.

Mark Andrews marka at isc.org
Fri May 10 00:40:17 UTC 2019


I’m currently testing the handling of the last remaining DNS header
flag by DNS servers for the Alexa Top 1 Million sites.  At this stage
I’m approaching 200000 sites and have an 11% misbehaviour rate where
the servers echo back the flag.  If we ever want to use this flag in
the future we need to fix this issue now well before we start using
the flag. 

	sites:192370 ok:75868 bad:9524 11.1533%

While this seems to be a lot of sites, many of them are hosted on
common platforms, the list of which is below.  If you see a zone
you control can you please fix your servers to not echo back the
last remaining reserved DNS header flag.  BIND had this issue back
in the 1990s and it took 10 minutes to fix once it was reported to
us.

It would also be useful if TLD and similar operators could regularly
check for this misbehaviour and inform the zone’s owner so that their
servers can be fixed.  The DNS Compliance tool can check the servers
using a recipe like this.

	dig axfr zone > file
	awk '$4 == "NS" { print $1, $5 }' file | genreport -i zflag

Mark

-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742              INTERNET: marka at isc.org
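
The check described in the message above, as an added example that is not part of the original post and is not the DNS Compliance tool's code: it sets the reserved header bit (mask 0x0040, between RA and AD) in an NS query and reports whether a reply echoes it. The function names, the fixed default transaction ID and the constructed sample replies are assumptions made for illustration.

```python
import secrets
import socket
import struct

QR_FLAG = 0x8000  # response bit
AA_FLAG = 0x0400  # authoritative answer
Z_FLAG = 0x0040   # last reserved header bit, between RA (0x0080) and AD (0x0020)

def encode_name(name):
    """Encode a domain name as DNS length-prefixed labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        if label:
            raw = label.encode("ascii")
            out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(name, qtype=2, txid=0x1234, set_z=True):
    """Build a one-question query (default QTYPE NS) with the reserved bit set."""
    flags = Z_FLAG if set_z else 0
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)

def classify(query, response):
    """Return 'ok', 'bad' (reserved bit echoed) or 'invalid' for one reply."""
    if len(response) < 12:
        return "invalid"
    (qid,) = struct.unpack("!H", query[:2])
    rid, rflags = struct.unpack("!HH", response[:4])
    if rid != qid or not rflags & QR_FLAG:
        return "invalid"
    return "bad" if rflags & Z_FLAG else "ok"

def probe(server, name, timeout=3.0):
    """Query one server over UDP with a random ID and classify its reply."""
    query = build_query(name, txid=secrets.randbelow(1 << 16))
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((server, 53))  # only accept datagrams from this server
        s.send(query)
        try:
            return classify(query, s.recv(4096))
        except socket.timeout:
            return "timeout"

def constructed_response(query, echo_z):
    """Constructed sample reply: QR+AA set, question copied, no records."""
    (txid,) = struct.unpack("!H", query[:2])
    flags = QR_FLAG | AA_FLAG | (Z_FLAG if echo_z else 0)
    return struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0) + query[12:]
```

`probe()` needs network access to the server being checked; `classify()` can be run offline against the constructed replies or against captured response bytes.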
