d root server

Lyle Giese lyle at lcrcomputer.net
Tue Aug 20 22:34:20 UTC 2013


Have you read the source code for these versions of BIND and examined 
the set of HINTS that are internal to the code inside BIND?  These are 
loaded before any external HINTS file is loaded up.

Lyle

On 08/20/13 16:37, rohan.henry at cwjamaica.com wrote:
> Lyle,
>
> Version 9.8.4-P1 is also affected. And the hints file was downloaded during setup. Also note that even a freshly downloaded copy has the old address. Note IP 199.7.91.13 in the following dig output.
>
> dig +tcp @a.root-servers.net . ns
>
> ; <<>> DiG 9.8.4-P1 <<>> +tcp @a.root-servers.net . ns
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6106
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 22
> ;; WARNING: recursion requested but not available
>
> ;; QUESTION SECTION:
> ;.                              IN      NS
>
> ;; ANSWER SECTION:
> .                       518400  IN      NS      f.root-servers.net.
> .                       518400  IN      NS      h.root-servers.net.
> .                       518400  IN      NS      g.root-servers.net.
> .                       518400  IN      NS      c.root-servers.net.
> .                       518400  IN      NS      m.root-servers.net.
> .                       518400  IN      NS      k.root-servers.net.
> .                       518400  IN      NS      l.root-servers.net.
> .                       518400  IN      NS      i.root-servers.net.
> .                       518400  IN      NS      e.root-servers.net.
> .                       518400  IN      NS      d.root-servers.net.
> .                       518400  IN      NS      j.root-servers.net.
> .                       518400  IN      NS      b.root-servers.net.
> .                       518400  IN      NS      a.root-servers.net.
>
> ;; ADDITIONAL SECTION:
> f.root-servers.net.     3600000 IN      A       192.5.5.241
> f.root-servers.net.     3600000 IN      AAAA    2001:500:2f::f
> h.root-servers.net.     3600000 IN      A       128.63.2.53
> h.root-servers.net.     3600000 IN      AAAA    2001:500:1::803f:235
> g.root-servers.net.     3600000 IN      A       192.112.36.4
> c.root-servers.net.     3600000 IN      A       192.33.4.12
> m.root-servers.net.     3600000 IN      A       202.12.27.33
> m.root-servers.net.     3600000 IN      AAAA    2001:dc3::35
> k.root-servers.net.     3600000 IN      A       193.0.14.129
> k.root-servers.net.     3600000 IN      AAAA    2001:7fd::1
> l.root-servers.net.     3600000 IN      A       199.7.83.42
> l.root-servers.net.     3600000 IN      AAAA    2001:500:3::42
> i.root-servers.net.     3600000 IN      A       192.36.148.17
> i.root-servers.net.     3600000 IN      AAAA    2001:7fe::53
> e.root-servers.net.     3600000 IN      A       192.203.230.10
> d.root-servers.net.     3600000 IN      A       199.7.91.13
> d.root-servers.net.     3600000 IN      AAAA    2001:500:2d::d
> j.root-servers.net.     3600000 IN      A       192.58.128.30
> j.root-servers.net.     3600000 IN      AAAA    2001:503:c27::2:30
> b.root-servers.net.     3600000 IN      A       192.228.79.201
> a.root-servers.net.     3600000 IN      A       198.41.0.4
> a.root-servers.net.     3600000 IN      AAAA    2001:503:ba3e::2:30
>
> Regards,
> Rohan
>
>
> On Tue, 20 Aug 2013 15:59:41 -0500
>   Lyle Giese <lyle at lcrcomputer.net> wrote:
>> Your bind code is old and has the old info in it.  D root changed it's ip address.  Bind has a built-in hints file, in case you don't setup one and it probably has the old ip address for the D root.
>>
>> http://blog.icann.org/2012/12/d-root/
>>
>> Lyle Giese
>> LCR Computer Services, Inc.
>>
>> On 08/20/13 15:44, rohan.henry at cwjamaica.com wrote:
>>> Edward,
>>>
>>> Agreed.
>>>
>>> My concern though is why the following show up in my logs when the IP is already in the root hint file.
>>>
>>> checkhints: d.root-servers.net/A (199.7.91.13) missing from hints
>>>
>>> Regards,
>>> Rohan
>>>
>>> On Tue, 20 Aug 2013 14:40:09 -0400
>>>    Edward DeLargy <eddelargy at gmail.com> wrote:
>>>> Rohan,
>>>>            Normally you shouldn't need to. However, sometimes errors happen
>>>> and we just need to correct them as they come.
>>>>
>>>> Regards,
>>>> Ed
>>>>
>>>>
>>>>
>>>> On Tue, Aug 20, 2013 at 2:26 PM, <rohan.henry at cwjamaica.com> wrote:
>>>>
>>>>> Thanks Edward,
>>>>>
>>>>> I didn't think I needed to edit the downloaded root hint file. In fact the
>>>>> d.root-server.net server is assigned the IP address in the dig output
>>>>> below. I do not know where 128.8.10.90 comes from.
>>>>>
>>>>> dig d.root-servers.net
>>>>>
>>>>> ; <<>> DiG 9.7.2-P3 <<>> d.root-servers.net
>>>>> ;; global options: +cmd
>>>>> ;; Got answer:
>>>>> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54457
>>>>> ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
>>>>>
>>>>> ;; QUESTION SECTION:
>>>>> ;d.root-servers.net.            IN      A
>>>>>
>>>>> ;; ANSWER SECTION:
>>>>> d.root-servers.net.     156446  IN      A       199.7.91.13
>>>>>
>>>>>
>>>>> Regards,
>>>>> Rohan
>>>>>
>>>>>
>>>>> On Tue, 20 Aug 2013 14:20:23 -0400
>>>>>    Edward DeLargy <eddelargy at gmail.com> wrote:
>>>>>> Ah..I also just thought of this....ensure that you have two seperate IPs
>>>>>> for the server in the hints..you may have two entries with the same IP.
>>>>>>
>>>>>> Regards,
>>>>>> Ed
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Tue, Aug 20, 2013 at 2:12 PM, <rohan.henry at cwjamaica.com> wrote:
>>>>>>
>>>>>>> Hello,
>>>>>>>
>>>>>>> Why do I still get the following in my logs even after downloading the
>>>>>>> latest version root hint file.
>>>>>>>
>>>>>>> checkhints: d.root-servers.net/A (128.8.10.90) extra record in hints
>>>>>>> checkhints: d.root-servers.net/A (199.7.91.13) missing from hints
>>>>>>>
>>>>>>>
>>>>>>> Regards,
>>>>>>> Rohan
>>>>>>> _______________________________________________
>>>>>>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>>>>>>> unsubscribe from this list
>>>>>>>
>>>>>>> bind-users mailing list
>>>>>>> bind-users at lists.isc.org
>>>>>>> https://lists.isc.org/mailman/listinfo/bind-users
>>>>>>>
>>>>> _______________________________________________
>>>>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
>>>>> unsubscribe from this list
>>>>>
>>>>> bind-users mailing list
>>>>> bind-users at lists.isc.org
>>>>> https://lists.isc.org/mailman/listinfo/bind-users
>>>>>
>>> _______________________________________________
>>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>>>
>>> bind-users mailing list
>>> bind-users at lists.isc.org
>>> https://lists.isc.org/mailman/listinfo/bind-users
>>
>> -- 
>> Lyle Giese
>> LCR Computer Services, Inc
>>
>> Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety.
>> Benjamin Franklin 1775
>>
>> _______________________________________________
>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>>
>> bind-users mailing list
>> bind-users at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/bind-users
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users


-- 
Lyle Giese
LCR Computer Services, Inc

Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety.
Benjamin Franklin 1775



More information about the bind-users mailing list