[dns-operations] bit.ly serial number (and content) desynchronisation
Chris
dns-oarc at hrcommunications.net
Fri Feb 13 11:36:07 UTC 2026
On 2026-02-13 02:33, Stephane Bortzmeyer via dns-operations wrote:
> While all the authoritative name servers for bit.ly currently have the
> same serial number (1), my resolver got a SOA with a different number,
> and a different content (no A and no AAAA):
>
> % dig bit.ly
>
> ; <<>> DiG 9.18.39-0ubuntu0.24.04.2-Ubuntu <<>> bit.ly
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64698
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags: do; udp: 1232
> ;; QUESTION SECTION:
> ;bit.ly. IN A
>
> ;; AUTHORITY SECTION:
> bit.ly. 6623 IN SOA ns-1372.awsdns-43.org.
> ns-cloud-c3.googledomains.com. (
> 2003080406 ; serial
> 10800 ; refresh (3 hours)
> 3600 ; retry (1 hour)
> 604800 ; expire (1 week)
> 21600 ; minimum (6 hours)
> )
>
> ;; Query time: 4 msec
> ;; SERVER: 192.168.2.254#53(192.168.2.254) (UDP)
> ;; WHEN: Fri Feb 13 11:24:42 CET 2026
> ;; MSG SIZE rcvd: 121
>
> Testing with RIPE Atlas probes
> <https://atlas.ripe.net/measurements/154580059>, I see that I'm not
> the only one who got this serial number 2003080406.
>
> Temporary error in publication? Or an anycast instance somewhere
> serving a wrong zone?
Frankly. There's a lot to chase here. It's not *terribly* uncommon
for an outdated server to appear in a list of NSs this long.
What *is* strange, is that your client would consider *choosing* an
outdated NS. It's also interesting to note the wide range in the
caches -- 3600 - 86400.
# drill -T bit.ly SOA
. 518400 IN NS a.root-servers.net.
. 518400 IN NS b.root-servers.net.
. 518400 IN NS c.root-servers.net.
. 518400 IN NS d.root-servers.net.
. 518400 IN NS e.root-servers.net.
. 518400 IN NS f.root-servers.net.
. 518400 IN NS g.root-servers.net.
. 518400 IN NS h.root-servers.net.
. 518400 IN NS i.root-servers.net.
. 518400 IN NS j.root-servers.net.
. 518400 IN NS k.root-servers.net.
. 518400 IN NS l.root-servers.net.
. 518400 IN NS m.root-servers.net.
ly. 172800 IN NS dns.lttnet.net.
ly. 172800 IN NS pch.ltt.ly.
ly. 172800 IN NS dns1.lttnet.net.
ly. 172800 IN NS ns-ly.afrinic.net.
ly. 172800 IN NS phloem.uoregon.edu.
bit.ly. 3600 IN NS ns-cloud-c2.googledomains.com.
bit.ly. 3600 IN NS ns-cloud-c3.googledomains.com.
bit.ly. 3600 IN NS ns-cloud-c1.googledomains.com.
bit.ly. 3600 IN NS ns-1372.awsdns-43.org.
bit.ly. 3600 IN NS ns-705.awsdns-24.net.
bit.ly. 21600 IN SOA ns-cloud-c1.googledomains.com.
cloud-dns-hostmaster.google.com. 1 21600 3600 259200 3600
bit.ly. 86400 IN NS ns-1372.awsdns-43.org.
bit.ly. 86400 IN NS ns-276.awsdns-34.com.
bit.ly. 86400 IN NS ns-cloud-c4.googledomains.com.
bit.ly. 86400 IN NS ns-cloud-c3.googledomains.com.
bit.ly. 86400 IN NS ns-1766.awsdns-28.co.uk.
bit.ly. 86400 IN NS ns-cloud-c2.googledomains.com.
bit.ly. 86400 IN NS ns-705.awsdns-24.net.
bit.ly. 86400 IN NS ns-cloud-c1.googledomains.com.
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
More information about the dns-operations
mailing list