[dns-operations] why does that domain resolve?
A. Schulze
sca at andreasschulze.de
Fri Jun 4 15:52:46 UTC 2021
Hello,
we found the domain "xn--80atcidr8i.xn--p1ai." in one of our logs.
the TLD "xn--p1ai." delegate "xn--80atcidr8i.xn--p1ai." to two working nameservers.
But these nameserver choose to announce "ns1.example.com" and "ns2.example.com" as authoritative.
These names are garbage.
But most resolver do not fail to give an answer for "xn--80atcidr8i.xn--p1ai. /A"
So I wonder, why do so many resolver [1] obviously do only follow a delegation and ignore authoritative data?
Is it really some sort of "Hey, you asked for $domain/A, the setup is so broken, but I tried really my best: here as an answer..." ?
Andreas
[1]
- 1.1.1.1
- 8.8.8.8
- 9.9.9.9
- unbound-1.13.1
- Debian Buster's Bind 9.10.3
More information about the dns-operations
mailing list