bind 9.14.1 qname-minimization

Carl Byington carl at byington.org
Fri Apr 26 23:01:24 UTC 2019


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

The default for the qname-minimization option is relaxed, but with that,
we cannot resolve the PTR for 142.136.234.134.

dig -x 142.136.234.134 @localhost

; <<>> DiG 9.14.1 <<>> -x 142.136.234.134 @localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 25604
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: 19827bd99b1c2e4c9b3031d25cc38cd99291547909a1072a (good)
;; QUESTION SECTION:
;134.234.136.142.in-addr.arpa.  IN  PTR



But a dig+trace works:

dig -x 142.136.234.134 +trace
....
136.142.in-addr.arpa.   86400   IN  NS  ns1.twcable.com.
136.142.in-addr.arpa.   86400   IN  NS  ns2.twcable.com.
136.142.in-addr.arpa.   10800   IN  NSEC    137.142.in-addr.arpa. NS
RRSIG NSEC
136.142.in-addr.arpa.   10800   IN  RRSIG   NSEC 5 4 10800
20190510203932 20190426193932 3402 142.in-addr.arpa.
VYmReUU/xtnUrJnsiSpl+HUeHfAsbG9YyOMFz9bkvKkY7R/N2MmJbC0j
5eWk+S31Iyqj7tvTxYRXZHWUNLDhr87PeW+5IF0noETb3CRrjX9vC3ef
NFyTR0K6Hz7Kd6fmc8qJJj0o9xthqZkdN2ugpoOzFi/AmswNKHo+Spmt GAM=
;; Received 322 bytes from 193.0.9.10#53(arin.authdns.ripe.net) in 138
ms

134.234.136.142.in-addr.arpa. 14400 IN  PTR nce.mail.chartercom.com.
234.136.142.in-addr.arpa. 500   IN  NS  cdp-wn-tm-5-01.inf.twcable.com.
;; Received 135 bytes from 165.237.86.252#53(ns1.twcable.com) in 78 ms



If we switch to qname-minimization disabled, we can resolve that:

dig -x 142.136.234.134 @localhost

; <<>> DiG 9.14.1 <<>> -x 142.136.234.134 @localhost
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27045
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
; COOKIE: e576889a026393635adb613d5cc38d31b91f6bc06bca426d (good)
;; QUESTION SECTION:
;134.234.136.142.in-addr.arpa.  IN  PTR

;; ANSWER SECTION:
134.234.136.142.in-addr.arpa. 14400 IN  PTR nce.mail.chartercom.com.



-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)

iEYEAREKAAYFAlzDjboACgkQL6j7milTFsEhjQCcCRniXDQZhyx/vXKnGplb5Qdw
EW8Ani7w4bbl7Eq8nSxFF9fWyu9JKd+T
=HJMK
-----END PGP SIGNATURE-----




More information about the bind-users mailing list