In message <[email protected]>, Gilles Massen writes:
> Agreed, here are the queries:
>
> q=`jot -s . -b 123456789 25`.lu
> for n in $(jot -c 13 a); do dig @${n}.root-servers.net $q +norec
> +noquestion +noanswer +noauth +nocomment +nostat; done
>
> There are 2 groups of additional sections:
> A, C, E, I, J: 2 names, with their v4+v6 addresses
> B, D, E, G, H, K, L, M: 4 names, only v4 addresses
>
> What stroke me was 2 things:
> - both groups do not change the answers on subsequent queries. So for
> the first group, if the 2 servers are down, your done.
> - the second group doesn't provide any v6 addresses at all.
>
> Now I don't want to pick on any implementation, rather get an idea of
> the reasoning behind the behaviour... (I do agree that the query is a
> bit extreme). And if operators think that this might lead to problems.
>
> Gilles
A properly functioning resolver will request the missing glue from
the root servers and named at least will return it in the additional
section or set TC=1. Glue isn't supposed to be truncated according
to RFC 103[45] as it is not additional data. It is part of the
referral and should cause TC=1 to be set if it won't fit.
> On 5/6/12 19:23 , Joe Abley wrote:
> >
> > On 2012-06-05, at 08:28, Gilles Massen wrote:
> >
> >> One set of root servers fills the additional section with 2 names, and
> >> their v4 and v6 addresses. But it's always the same two servers,
> >> indepently of the server asked. The other set answers with a bit more
> >> servers, but only v4 adresses, and here again, always the same list.
> >
> > It might be instructive to spell out what query you tried, and what your
> > results were (per letter).
> >
> > Some root servers are not shy about telling the world what software they
> > are running, but others prefer to obfuscate:
> >
> > [krill:~]% for n in $(jot -c 13 a)
> > for> do echo "${n}: $(dig @${n}.root-servers.net version.bind ch txt
> > +short)"
> > for> done
> > a: "This space intentionally left blank"
> > b: "4.8.1"
> > c: "c-root"
> > d: "9.8.1-P1"
> > e:
> > f: "9.7.4"
> > g: ""
> > h: "NSD 3.2.10"
> > i: "contact [email protected]"
> > j: "This space intentionally left blank"
> > k: "NSD 3.2.8"
> > l: "NSD 3.2.8"
> > m: "9.7.3-P3"
> > [krill:~]%
> >
> > I can confirm the version string for L is accurate. The versions shown
> > above for D, F, H, K and M look plausible to me, altho
> ugh I can't speak authoritatively about what they are doing.
> >
> > If you wanted to nail down the different behaviour to particular versions
> > of software, the rootops are all here and will no d
> oubt crawl out of the woodwork if there are questions to answer.
> >
> >
> > Joe=
>
>
> --
> Fondation RESTENA
> 6, rue Coudenhove-Kalergi
> L-1359 Luxembourg
> tel: (+352) 424409
> fax: (+352) 422473
> _______________________________________________
> DNSOP mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/dnsop
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: [email protected]
_______________________________________________
DNSOP mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dnsop
