Secondary DNS question...

Matus UHLAR - fantomas uhlar at fantomas.sk
Tue Jun 25 11:26:35 UTC 2013


>On 24.06.13 07:41, Frank Bulk wrote:
>>Interesting to note that querying for ANY does return an SOA.  I can't
>>explain that behavior.

On 24.06.13 14:54, Matus UHLAR - fantomas wrote:
>I can guess a kind of DNS filter/firewall. Some l3 switches or load
>balancers tend to produce strange results too...

aa! I am getting response packets  but they are somehoe not accepted by dig:

% dig +norec +bufsize=4096 -t soa starionline.com @ns1.starionhost.net

; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> +norec +bufsize=4096 -t soa starionline.com @ns1.starionhost.net
;; global options: +cmd
;; connection timed out; no servers could be reached

... in the meantime:

13:21:38.837415 IP (tos 0x0, ttl 64, id 9452, offset 0, flags [none], proto UDP (17), length 72)
     62.168.95.114.39172 > 74.87.108.83.53: [udp sum ok] 51735 [1au] SOA? starionline.com. ar: . OPT UDPsize=4096 (44)
13:21:39.009098 IP (tos 0x10, ttl 50, id 15611, offset 0, flags [none], proto UDP (17), length 196)
     74.87.108.83.53 > 62.168.95.114.39172: [bad udp cksum 0x5586 -> 0xe731!] 51735*- q: SOA? starionline.com. 1/2/3 starionline.com. [1d] SOA ns1.starionhost.net. info.starionhost.net. 2008122905 28800 7200 1209600 3600 ns: starionline.com. [1d] NS ns1.starionhost.net., starionline.com. [1d] NS ns2.starionhost.net. ar: ns1.starionhost.net. [1d] A 74.87.108.83, ns2.starionhost.net. [1d] A 64.136.200.138, . OPT UDPsize=4096 (168)
13:21:43.837389 IP (tos 0x0, ttl 64, id 9453, offset 0, flags [none], proto UDP (17), length 72)
     62.168.95.114.39172 > 74.87.108.83.53: [udp sum ok] 51735 [1au] SOA? starionline.com. ar: . OPT UDPsize=4096 (44)
13:21:44.009780 IP (tos 0x10, ttl 50, id 4231, offset 0, flags [none], proto UDP (17), length 196)
     74.87.108.83.53 > 62.168.95.114.39172: [bad udp cksum 0x5586 -> 0xe731!] 51735*- q: SOA? starionline.com. 1/2/3 starionline.com. [1d] SOA ns1.starionhost.net. info.starionhost.net. 2008122905 28800 7200 1209600 3600 ns: starionline.com. [1d] NS ns1.starionhost.net., starionline.com. [1d] NS ns2.starionhost.net. ar: ns1.starionhost.net. [1d] A 74.87.108.83, ns2.starionhost.net. [1d] A 64.136.200.138, . OPT UDPsize=4096 (168)
13:21:48.837515 IP (tos 0x0, ttl 64, id 9454, offset 0, flags [none], proto UDP (17), length 72)
     62.168.95.114.39172 > 74.87.108.83.53: [udp sum ok] 51735 [1au] SOA? starionline.com. ar: . OPT UDPsize=4096 (44)
13:21:49.011060 IP (tos 0x10, ttl 50, id 38531, offset 0, flags [none], proto UDP (17), length 196)
     74.87.108.83.53 > 62.168.95.114.39172: [bad udp cksum 0x5586 -> 0xf531!] 51735*- q: SOA? starionline.com. 1/2/3 starionline.com. [1d] SOA ns1.starionhost.net. info.starionhost.net. 2008122905 28800 7200 1209600 3600 ns: starionline.com. [1d] NS ns2.starionhost.net., starionline.com. [1d] NS ns1.starionhost.net. ar: ns1.starionhost.net. [1d] A 74.87.108.83, ns2.starionhost.net. [1d] A 64.136.200.138, . OPT UDPsize=4096 (168)


>>stariononline.com has two NSes listed, ns1.starionhost.net [74.87.108.83]
>>and ns2.starionhost.net [64.136.200.138].  But the first one does not seem
>>to want to respond (http://goo.gl/s41wN and http://dnscheck.iis.se/ and
>>http://www.zonecut.net/dns/index.cgi are just a few examples) to a few of
>>the online checkers.  I checked with some others and it looks like you have
>>no SOA set for for ns1.starionhost.net:

-- 
Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
I don't have lysdexia. The Dog wouldn't allow that.


More information about the bind-users mailing list