Domain non-existent / flooding attack

John Tan d_name at hotmail.com
Fri Aug 13 01:58:15 UTC 1999


Thanks to all who answered my question. I really appreciate it.

But Mark, I find it hard to believe that luck has something to do with it. 
After all, the reasoning is that if I had not increased the gov.sg zone s/no 
then none of the other DNSes would have reason to do another zone transfer.

Unless you are saying that previously I updated the gov.sg zone and also 
some time later I updated the sgnews zone s./no but all the other ISPs 
picked it up and except for pridns.ncs.com.sg which was slow in doing so ? 
Then when it did pick it up, the sgnews was already added ? I certainly hope 
that this is the reason....

BTW, Mark I understand that there has been concern over a flooding attack on 
DNS servers via udp port 53. Is there a fix yet for this ?

thanks for your help.


>From: marka at isc.org
>To: "John Tan" <d_name at hotmail.com>
>CC: bind-users at isc.org, phil46 at pacific.net.sg
>Subject: Re: Domain non-existent
>Date: Fri, 13 Aug 1999 07:32:44 +1000
>
> > Thanks again Mark. Your very helpful. But one question though :
> > If that were the case, then why is pridns.ncs.com.sg able to 
>successfully
> > query my DNS for the info while the others were not ?
>
>	Luck.  There are 8 servers for gov.sg, 2 of which known the zone
>	exists.  Once you learn about the zone you have to wait for the
>	NS records to expire before you have to look it up again.
>
>	Mark
> >
> >
> > >From: marka at isc.org
> > >To: "John Tan" <d_name at hotmail.com>
> > >CC: bind-users at isc.org, phil46 at pacific.net.sg
> > >Subject: Re: Domain non-existent
> > >Date: Thu, 12 Aug 1999 22:42:38 +1000
> > >
> > >	The problem is that the parent domain (gov.sg) has not been
> > >	updated.  While both pridns.gov.sg and secdns.gov.sg know about
> > >	sgnews.gov.sg as they are also servers for sgnews.gov.sg the
> > >	rest of the servers for gov.sg do not and hence the NXDOMAINs.
> > >
> > >	The zone gov.sg zone needs to be updated and pushed to the
> > >	secondaries.
> > >
> > >	Mark
> > > >
> > > > Hi all
> > > >
> > > > I have a problem. From the dns server pridns.gov.sg, I am able to 
>query
> > > > sgnews.gov.sg domain. from pridns.ncs.com.sg it is also ok.
> > > > but from other dns servers eg. pridns.cyberway.com.sg it does not 
>work.
> > >The
> > > > ttl is 6 hours and I have already incremented the serial no.
> > > > and it is long after 6 hours. Am I paranoid or should I wait longer 
>?
> > > > Previosuly I had already incremented the s/no but just did it again
> > >today..
> > > > MY DNS logs show no errors on both primary and sec.
> > > >
> > > > below is the output :
> > > >
> > > > >sgnews.gov.sg.
> > > > Server:  pridns.cyberway.com.sg
> > > > Address:  203.116.1.78
> > > >
> > > > *** pridns.cyberway.com.sg can't find sgnews.gov.sg.:Non-existent
> > > > host/domain
> > > > >server pridns.ncs.com.sg.
> > > > Default Server:  pridns.ncs.com.sg
> > > > Address:  203.116.16.16
> > > >
> > > > >sgnews.gov.sg.
> > > > Server:  pridns.ncs.com.sg
> > > > Address:  203.116.16.16
> > > >
> > > > Non-authoritative answer:
> > > > sgnews.gov.sg
> > > >         origin = pridns.gov.sg
> > > >         mail address = root.pridns.gov.sg
> > > >         serial = 1999081201
> > > >         refresh = 14400 (4H)
> > > >         retry   = 7200 (2H)
> > > >         expire  = 604800 (1W)
> > > >         minimum ttl = 21600 (6H)
> > > > sgnews.gov.sg   nameserver = pridns.gov.sg
> > > > sgnews.gov.sg   nameserver = secdns.gov.sg
> > > > sgnews.gov.sg   preference = 10, mail exchanger = hydra.gov.sg
> > > > sgnews.gov.sg   preference = 20, mail exchanger = 
>medusa.internet.gov.sg
> > > >
> > > > Authoritative answers can be found from:
> > > > sgnews.gov.sg   nameserver = pridns.gov.sg
> > > > sgnews.gov.sg   nameserver = secdns.gov.sg
> > > > pridns.gov.sg   internet address = 160.96.179.4
> > > > secdns.gov.sg   internet address = 160.96.128.4
> > > > hydra.gov.sg    internet address = 160.96.179.6
> > > > medusa.internet.gov.sg  internet address = 160.96.179.7
> > > > >
> > > >
> > > >
> > > > ______________________________________________________
> > > > Get Your Private, Free Email at http://www.hotmail.com
> > > >
> > > >
> > >--
> > >Mark Andrews, Internet Software Consortium
> > >1 Seymour St., Dundas Valley, NSW 2117, Australia
> > >PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org
> >
> >
> > ______________________________________________________
> > Get Your Private, Free Email at http://www.hotmail.com
> >
>--
>Mark Andrews, Internet Software Consortium
>1 Seymour St., Dundas Valley, NSW 2117, Australia
>PHONE: +61 2 9871 4742                 INTERNET: marka at isc.org


______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com


More information about the bind-users mailing list