Although servfail rcodes have already been mentioned in this draft, I would like to add this nice little gem of DNS. This name server responds to AAAA queries in a particularly odd way:
1) 'aa' bit + SERVFAIL. 2) Reflexive CNAME. 3) answer section given, despite the SERVFAIL
dig @ns.intouch.net ns.intouch.net aaaa +norecurs
; <<>> DiG 9.2.1 <<>> @ns.intouch.net ns.intouch.net aaaa +norecurs ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 58716 ;; flags: qr aa; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION: ;ns.intouch.net. IN AAAA
;; ANSWER SECTION: ns.intouch.net. 3600 IN CNAME blade230.intouch.net. blade230.intouch.net. 3600 IN CNAME blade230.intouch.net.
;; Query time: 92 msec ;; SERVER: 212.26.192.1#53(ns.intouch.net) ;; WHEN: Wed Mar 24 16:17:16 2004 ;; MSG SIZE rcvd: 69
David Meyer wrote:
All,
This is a WG Last Call (WGLC) for comments on "Common Misbehavior against DNS Queries for IPv6 Addresses",
http://www.ietf.org/internet-drafts/draft-ietf-dnsop-misbehavior-against-aaaa-00.txt
Please review the document carefully, and send your feedback to the list. Please also indicate whether or not you believe that this document is ready to go to the IESG for Informational.
The WGLC will end on Wednesday, 07 April 2004, at 1500 PST.
Thanks,
Rob and Dave
.
dnsop resources:_____________________________________________________
web user interface: http://darkwing.uoregon.edu/~llynch/dnsop.html
mhonarc archive: http://darkwing.uoregon.edu/~llynch/dnsop/index.html
. dnsop resources:_____________________________________________________ web user interface: http://darkwing.uoregon.edu/~llynch/dnsop.html mhonarc archive: http://darkwing.uoregon.edu/~llynch/dnsop/index.html
