Yahoo?

Kevin Darcy kcd at daimlerchrysler.com
Tue May 16 17:23:38 UTC 2000 

Barry Margolin wrote:

> In article <8f9q6c$j8t$1 at news.uic.com>, Jeff Dmochowski <jeffd at uic.com> wrote:
> >I'm running HPUX DNS servers and am having trouble resolving
> >http://www.yahoo.com on my internal DNS (forwarders to my external server).
> >This is the only site, no problem with any other external sites or names or
> >even things like http://my.yahoo.com . My ISP tells me their using "akamai"
> >software, are there any known incompatibilities with this?
>
> www.yahoo.com is a CNAME for www.yahoo.akadns.net, which is served by
> Akamai's DNS servers; I believe they use custom software on their DNS
> servers so that they'll return the address of the distribution server
> closest to the querier.  When I query them, most answers look reasonable.
> The only interesting things I saw were:
>
> ; <<>> DiG 8.1 <<>> yahoo.akadns.net any @za.akadns.net
> ; (1 server found)
> ;; res options: init recurs defnam dnsrch
> ;; got answer:
> ;; ns_initparse: Message too long
> ;; Total query time: 16 msec
> ;; FROM: tools to SERVER: za.akadns.net  209.185.188.39
> ;; WHEN: Tue May 16 12:51:01 2000
> ;; MSG SIZE  sent: 34  rcvd: 34
>
> and:
>
> ; <<>> DiG 8.1 <<>> www.yahoo.akadns.net a @zh.akadns.net +vc
> ; (1 server found)
> ;; res options: init usevc recurs defnam dnsrch
> ;; res_send to server zh.akadns.net  206.132.160.37: Connection refused
>
> So they have a problem with "ANY" queries for the domain name itself, but I
> don't think that should cause problems in normal operations (there's no
> reason why an application would perform such a query) and they don't allow
> queries using TCP.  The latter is a violation of the strict protocol spec,
> but normally UDP is only used for zone transfers and when the response is
> >500 bytes, but their responses to lookups fit in that size so don't need
> to be retried using UDP.

Out of curiosity, what spec is violated by not supporting TCP queries? RFC 1123
says servers SHOULD support TCP. Are you aware of an update to that?

The only reason I ask is because I recently wanted some leverage in a minor
dispute with someone whose firewall was blocking TCP DNS queries. But I struck out
trying to find a mandate in the RFC's.


- Kevin

More information about the bind-users mailing list