wrong IP for a root server
Peter Dambier
peter at peter-dambier.de
Tue Jun 20 15:56:19 UTC 2006
Maria Iano wrote:
> This morning, on one of my name servers I noticed this error message (time in GMT):
>
> 20-Jun-2006 07:55:36.245 default: warning: check_hints: A records for B.ROOT-SERVERS.NET class 1 do not match hint records
>
> When I perform a lookup of B.ROOT-SERVERS.NET against this name server, it gives me no answer:
>
> ; <<>> DiG 9.3.2 <<>> @ns4.gannett.com B.ROOT-SERVERS.NET.
> ; (1 server found)
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15069
> ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 4
>
> ;; QUESTION SECTION:
> ;B.ROOT-SERVERS.NET. IN A
>
> I dumped the cache and did indeed find the wrong IP for B.ROOT-SERVERS.NET.:
>
> This is the tail of the cache dump:
>
> ; --- Hints ---
> $ORIGIN .
> . 518400 IN NS A.ROOT-SERVERS.NET. ;Cl=0
> 518400 IN NS H.ROOT-SERVERS.NET. ;Cl=0
> 518400 IN NS C.ROOT-SERVERS.NET. ;Cl=0
> 518400 IN NS G.ROOT-SERVERS.NET. ;Cl=0
> 518400 IN NS F.ROOT-SERVERS.NET. ;Cl=0
> 518400 IN NS B.ROOT-SERVERS.NET. ;Cl=0
> 518400 IN NS J.ROOT-SERVERS.NET. ;Cl=0
> 518400 IN NS K.ROOT-SERVERS.NET. ;Cl=0
> 518400 IN NS L.ROOT-SERVERS.NET. ;Cl=0
> 518400 IN NS M.ROOT-SERVERS.NET. ;Cl=0
> 518400 IN NS I.ROOT-SERVERS.NET. ;Cl=0
> 518400 IN NS E.ROOT-SERVERS.NET. ;Cl=0
> 518400 IN NS D.ROOT-SERVERS.NET. ;Cl=0
> $ORIGIN ROOT-SERVERS.NET.
> K 3600000 IN A 193.0.14.129 ;NT=64224 Cl=0
> L 3600000 IN A 198.32.64.12 ;NT=10426 Cl=0
> A 3600000 IN A 198.41.0.4 ;NT=10426 Cl=0
> M 3600000 IN A 202.12.27.33 ;NT=145 Cl=0
> B 3600000 IN A 128.9.0.107 ;NT=10426 Cl=0
> C 3600000 IN A 192.33.4.12 ;NT=10428 Cl=0
> D 3600000 IN A 128.8.10.90 ;NT=10426 Cl=0
> E 3600000 IN A 192.203.230.10 ;NT=64224 Cl=0
> F 3600000 IN A 192.5.5.241 ;NT=10426 Cl=0
> G 3600000 IN A 192.112.36.4 ;NT=64224 Cl=0
> H 3600000 IN A 128.63.2.53 ;NT=10426 Cl=0
> I 3600000 IN A 192.36.148.17 ;NT=10426 Cl=0
> J 3600000 IN A 192.58.128.30 ;NT=10426 Cl=0
>
>
> I've checked against 8 other name servers of ours and have not seen this issue on any of those - they all have the correct IP for B.ROOT-SERVERS.NET. I'm very glad to see that my name server does not seem to trust this bad A record for B.ROOT-SERVERS.NET.
>
> Any idea how/why this happened? Anything I should do?
>
> Thanks,
> Maria
>
I just tried
host_look("128.9.0.107","128.9.0.107","2148073579").
host_name("128.9.0.107","ns1.isi.edu").
; <<>> DiG 9.1.3 <<>> -t any . @ns1.isi.edu
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16344
;; flags: qr aa rd; QUERY: 1, ANSWER: 14, AUTHORITY: 13, ADDITIONAL: 3
;; QUESTION SECTION:
;. IN ANY
;; ANSWER SECTION:
. 518400 IN NS A.ROOT-SERVERS.NET.
. 86400 IN SOA A.ROOT-SERVERS.NET. NSTLD.VERISIGN-GRS.COM. 2006062000 1800 900 604800 86400
. 518400 IN NS H.ROOT-SERVERS.NET.
. 518400 IN NS C.ROOT-SERVERS.NET.
. 518400 IN NS G.ROOT-SERVERS.NET.
. 518400 IN NS F.ROOT-SERVERS.NET.
. 518400 IN NS B.ROOT-SERVERS.NET.
. 518400 IN NS J.ROOT-SERVERS.NET.
. 518400 IN NS K.ROOT-SERVERS.NET.
. 518400 IN NS L.ROOT-SERVERS.NET.
. 518400 IN NS M.ROOT-SERVERS.NET.
. 518400 IN NS I.ROOT-SERVERS.NET.
. 518400 IN NS E.ROOT-SERVERS.NET.
. 518400 IN NS D.ROOT-SERVERS.NET.
;; AUTHORITY SECTION:
. 518400 IN NS A.ROOT-SERVERS.NET.
. 518400 IN NS H.ROOT-SERVERS.NET.
. 518400 IN NS C.ROOT-SERVERS.NET.
. 518400 IN NS G.ROOT-SERVERS.NET.
. 518400 IN NS F.ROOT-SERVERS.NET.
. 518400 IN NS B.ROOT-SERVERS.NET.
. 518400 IN NS J.ROOT-SERVERS.NET.
. 518400 IN NS K.ROOT-SERVERS.NET.
. 518400 IN NS L.ROOT-SERVERS.NET.
. 518400 IN NS M.ROOT-SERVERS.NET.
. 518400 IN NS I.ROOT-SERVERS.NET.
. 518400 IN NS E.ROOT-SERVERS.NET.
. 518400 IN NS D.ROOT-SERVERS.NET.
;; ADDITIONAL SECTION:
A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4
H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53
C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12
;; Query time: 221 msec
;; SERVER: 128.9.0.107#53(ns1.isi.edu)
;; WHEN: Tue Jun 20 17:25:00 2006
;; MSG SIZE rcvd: 502
No harm done. Seems isi.edu have their own internal root and they are
a copy of one of the root-server.net.
; <<>> DiG 9.1.3 <<>> -t any peter_dambier.de @ns1.isi.edu
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60333
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 6, ADDITIONAL: 8
;; QUESTION SECTION:
;peter_dambier.de. IN ANY
;; AUTHORITY SECTION:
de. 172800 IN NS A.NIC.de.
de. 172800 IN NS F.NIC.de.
de. 172800 IN NS C.DE.NET.
de. 172800 IN NS L.DE.NET.
de. 172800 IN NS S.DE.NET.
de. 172800 IN NS Z.NIC.de.
;; ADDITIONAL SECTION:
A.NIC.de. 172800 IN A 193.0.7.3
F.NIC.de. 172800 IN AAAA 2001:608:6::5
F.NIC.de. 172800 IN A 81.91.164.5
C.DE.NET. 172800 IN A 208.48.81.43
L.DE.NET. 172800 IN A 217.51.137.213
S.DE.NET. 172800 IN A 193.159.170.149
Z.NIC.de. 172800 IN AAAA 2001:628:453:4905::53
Z.NIC.de. 172800 IN A 194.246.96.1
;; Query time: 221 msec
;; SERVER: 128.9.0.107#53(ns1.isi.edu)
;; WHEN: Tue Jun 20 17:30:28 2006
;; MSG SIZE rcvd: 292
They do give reasonable answers.
; <<>> DiG 9.1.3 <<>> -t any B.ROOT-SERVERS.NET @ns1.isi.edu
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8324
;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 4, ADDITIONAL: 4
;; QUESTION SECTION:
;B.ROOT-SERVERS.NET. IN ANY
;; ANSWER SECTION:
B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201
B.ROOT-SERVERS.NET. 3600000 IN TXT "formerly ns1.isi.edu"
B.ROOT-SERVERS.NET. 3600000 IN MX 20 mail.isi.edu.
;; AUTHORITY SECTION:
ROOT-SERVERS.NET. 3600000 IN NS a.ROOT-SERVERS.NET.
ROOT-SERVERS.NET. 3600000 IN NS f.ROOT-SERVERS.NET.
ROOT-SERVERS.NET. 3600000 IN NS j.ROOT-SERVERS.NET.
ROOT-SERVERS.NET. 3600000 IN NS k.ROOT-SERVERS.NET.
;; ADDITIONAL SECTION:
a.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4
f.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241
j.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30
k.ROOT-SERVERS.NET. 3600000 IN A 193.0.14.129
;; Query time: 221 msec
;; SERVER: 128.9.0.107#53(ns1.isi.edu)
;; WHEN: Tue Jun 20 17:49:41 2006
;; MSG SIZE rcvd: 241
Maybe there was a time warp :)
Kind regards
Peter and Karin Dambier
--
Peter and Karin Dambier
Cesidian Root - Radice Cesidiana
Graeffstrasse 14
D-64646 Heppenheim
+49(6252)671-788 (Telekom)
+49(179)108-3978 (O2 Genion)
+49(6252)750-308 (VoIP: sipgate.de)
mail: peter at peter-dambier.de
mail: peter at echnaton.serveftp.com
http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/
More information about the bind-users
mailing list