[dns-operations] why does that domain resolve?
sca at andreasschulze.de
Fri Jun 4 15:52:46 UTC 2021
we found the domain "xn--80atcidr8i.xn--p1ai." in one of our logs.
the TLD "xn--p1ai." delegate "xn--80atcidr8i.xn--p1ai." to two working nameservers.
But these nameserver choose to announce "ns1.example.com" and "ns2.example.com" as authoritative.
These names are garbage.
But most resolver do not fail to give an answer for "xn--80atcidr8i.xn--p1ai. /A"
So I wonder, why do so many resolver  obviously do only follow a delegation and ignore authoritative data?
Is it really some sort of "Hey, you asked for $domain/A, the setup is so broken, but I tried really my best: here as an answer..." ?
- Debian Buster's Bind 9.10.3
More information about the dns-operations