Hello The Sophos Web Protection Service is answering all DNS queries without an AA flag. Is an "authoritative" DNS response without a set AA flag a major DNS protocol violation?
Oct 24 17:40:44 [1] Nameserver ns.sxl31.sophosxl.net IPs: 34.252.84.252(0.00ms), 52.19.19.59(0.00ms) Oct 24 17:40:44 [1] jjj.tnynkhf.pu.m.06.s.sophosxl.net: Resolved 'm.06.s.sophosxl.net' NS ns.sxl31.sophosxl.net to: 34.252.84.252, 52.19.19.59 Oct 24 17:40:44 [1] jjj.tnynkhf.pu.m.06.s.sophosxl.net: Trying IP 34.252.84.252:53, asking 'jjj.tnynkhf.pu.m.06.s.sophosxl.net|TXT' Oct 24 17:40:44 [1] jjj.tnynkhf.pu.m.06.s.sophosxl.net: Got 1 answers from ns.sxl31.sophosxl.net (34.252.84.252), rcode=0 (No Error), aa=0, in 37ms Oct 24 17:40:44 [1] Removing record 'jjj.tnynkhf.pu.m.06.s.sophosxl.net|TXT|"w l h 2c 1200311811\009#f77a3b635711f65f"' in the answer section without the AA bit set received from m.06.s.sophosxl.net Oct 24 17:40:44 [1] jjj.tnynkhf.pu.m.06.s.sophosxl.net: determining status after receiving this packet Oct 24 17:40:44 [1] jjj.tnynkhf.pu.m.06.s.sophosxl.net: Trying IP 52.19.19.59:53, asking 'jjj.tnynkhf.pu.m.06.s.sophosxl.net|TXT' Oct 24 17:40:44 [1] jjj.tnynkhf.pu.m.06.s.sophosxl.net: Got 1 answers from ns.sxl31.sophosxl.net (52.19.19.59), rcode=0 (No Error), aa=0, in 37ms Oct 24 17:40:44 [1] Removing record 'jjj.tnynkhf.pu.m.06.s.sophosxl.net|TXT|"w l h 2c 1200311811\009#f77a3b635711f65f"' in the answer section without the AA bit set received from m.06.s.sophosxl.net Oct 24 17:40:44 [1] jjj.tnynkhf.pu.m.06.s.sophosxl.net: determining status after receiving this packet Oct 24 17:40:44 [1] jjj.tnynkhf.pu.m.06.s.sophosxl.net: Failed to resolve via any of the 1 offered NS at level 'm.06.s.sophosxl.net' Oct 24 17:40:44 [1] jjj.tnynkhf.pu.m.06.s.sophosxl.net: failed (res=-1) Oct 24 17:40:44 3 [1/1] answer to question 'jjj.tnynkhf.pu.m.06.s.sophosxl.net|TXT': 0 answers, 1 additional, took 10 packets, 263.966 netw ms, 305.922 tot ms, 0 throttled, 0 timeouts, 0 tcp connections, rcode=2 Kind regards Daniel
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations
