Re: [dns-operations] bit.ly serial number (and content) desynchronisation

Thu, 19 Feb 2026 17:27:12 -0800

On 2026-02-13 02:33, Stephane Bortzmeyer via dns-operations wrote:> While all the authoritative name servers for bit.ly currently have the 
same serial number (1), my resolver got a SOA with a different number,
and a different content (no A and no AAAA):

% dig bit.ly

; <<>> DiG 9.18.39-0ubuntu0.24.04.2-Ubuntu <<>> bit.ly
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64698
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1232
;; QUESTION SECTION:
;bit.ly.            IN A

;; AUTHORITY SECTION:
bit.ly. 6623 IN SOA ns-1372.awsdns-43.org. ns-cloud-c3.googledomains.com. ( 
                2003080406 ; serial
                10800      ; refresh (3 hours)
                3600       ; retry (1 hour)
                604800     ; expire (1 week)
                21600      ; minimum (6 hours)
                )

;; Query time: 4 msec
;; SERVER: 192.168.2.254#53(192.168.2.254) (UDP)
;; WHEN: Fri Feb 13 11:24:42 CET 2026
;; MSG SIZE  rcvd: 121

Testing with RIPE Atlas probes
<https://atlas.ripe.net/measurements/154580059>, I see that I'm not
the only one who got this serial number 2003080406.

Temporary error in publication? Or an anycast instance somewhere
serving a wrong zone?


Frankly. There's a lot to chase here. It's not *terribly* uncommon
for an outdated server to appear in a list of NSs this long.
What *is* strange, is that your client would consider *choosing* an
outdated NS. It's also interesting to note the wide range in the
caches -- 3600 - 86400.


# drill -T bit.ly SOA
.       518400  IN      NS      a.root-servers.net.
.       518400  IN      NS      b.root-servers.net.
.       518400  IN      NS      c.root-servers.net.
.       518400  IN      NS      d.root-servers.net.
.       518400  IN      NS      e.root-servers.net.
.       518400  IN      NS      f.root-servers.net.
.       518400  IN      NS      g.root-servers.net.
.       518400  IN      NS      h.root-servers.net.
.       518400  IN      NS      i.root-servers.net.
.       518400  IN      NS      j.root-servers.net.
.       518400  IN      NS      k.root-servers.net.
.       518400  IN      NS      l.root-servers.net.
.       518400  IN      NS      m.root-servers.net.
ly.     172800  IN      NS      dns.lttnet.net.
ly.     172800  IN      NS      pch.ltt.ly.
ly.     172800  IN      NS      dns1.lttnet.net.
ly.     172800  IN      NS      ns-ly.afrinic.net.
ly.     172800  IN      NS      phloem.uoregon.edu.
bit.ly. 3600    IN      NS      ns-cloud-c2.googledomains.com.
bit.ly. 3600    IN      NS      ns-cloud-c3.googledomains.com.
bit.ly. 3600    IN      NS      ns-cloud-c1.googledomains.com.
bit.ly. 3600    IN      NS      ns-1372.awsdns-43.org.
bit.ly. 3600    IN      NS      ns-705.awsdns-24.net.
bit.ly. 21600 IN SOA ns-cloud-c1.googledomains.com. cloud-dns-hostmaster.google.com. 1 21600 3600 259200 3600 
bit.ly. 86400   IN      NS      ns-1372.awsdns-43.org.
bit.ly. 86400   IN      NS      ns-276.awsdns-34.com.
bit.ly. 86400   IN      NS      ns-cloud-c4.googledomains.com.
bit.ly. 86400   IN      NS      ns-cloud-c3.googledomains.com.
bit.ly. 86400   IN      NS      ns-1766.awsdns-28.co.uk.
bit.ly. 86400   IN      NS      ns-cloud-c2.googledomains.com.
bit.ly. 86400   IN      NS      ns-705.awsdns-24.net.
bit.ly. 86400   IN      NS      ns-cloud-c1.googledomains.com.


_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Attachment: 0x895A7103.asc
Description: application/pgp-keys

_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations

Reply via email to