[dns-operations] .VA tld has been intermittently wildcarded?
Robert Edmonds
edmonds at mycre.ws
Sun Dec 1 19:31:16 UTC 2024
Alarig Le Lay via dns-operations wrote:
> I can reproduce it from different hosts, it seems that the first part of
> the hostname is fixed, the second depends on the time and the last
> depends on the IP:
It doesn't just depend on the IP, it is the actual IPv4 address of the query
initiator, encoded as hexadecimal. I would guess the reason that the same
behavior isn't seen on IPv6 is because the nameserver developer/operator hasn't
written the code to encode IPv6 addresses.
edmonds at chase{0}:~$ dig -4 +norec -t ns edmonds.va @a.nic.va
; <<>> DiG 9.20.2-1-Debian <<>> -4 +norec -t ns edmonds.va @a.nic.va
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65030
;; flags: qr aa; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;edmonds.va. IN NS
;; AUTHORITY SECTION:
edmonds.va. 0 IN NS ck02-fb0e773cdf-6342c624.va.
;; Query time: 115 msec
;; SERVER: 212.77.0.110#53(a.nic.va) (UDP)
;; WHEN: Sun Dec 01 14:23:05 EST 2024
;; MSG SIZE rcvd: 79
edmonds at chase{0}:~$ echo 6342c624 | python3 -c 'import binascii; import socket; import sys; print(socket.inet_ntop(socket.AF_INET, binascii.unhexlify(sys.stdin.readline().strip())))'
99.66.198.36
edmonds at chase{0}:~$ curl -4 icanhazip.com
99.66.198.36
--
Robert Edmonds
More information about the dns-operations
mailing list