Re: bind vs glue records (fwd)

To: Christos Zoulas <christos%astron.com@localhost>, tech-net%netbsd.org@localhost
Subject: Re: bind vs glue records (fwd)
From: Mike Pumford <mpumford%mudcovered.org.uk@localhost>
Date: Sat, 26 Mar 2016 18:33:22 +0000



On 24/03/2016 21:41, Christos Zoulas wrote:

In article <Pine.NEB.4.64.1603241706100.524%ugly.internal.precedence.co.uk@localhost>,
Stephen Borrill  <netbsd%precedence.co.uk@localhost> wrote:

BTW, the reason I referred to glue records is because of warnings from:
http://mxtoolbox.com/SuperTool.aspx?action=dns%3astatic.acer.com&run=toolpage


So we are setting some bit that the server does not like. It is probably
something like nsit (although it isn't - I tried). So can you tcpdump the
outgoing query packets from named and see what's different?

I've got what appears to be an identical setup here and it fails thesame way. I restarted bind on the server and then did:

host static.acer.com

Here's what I got from tcpdump after making the host request:

bash-4.3# tcpdump -vvvnr dns.cap
reading from file dns.cap, link-type PPP_ETHER (PPPoE)

18:28:52.974427 PPPoE [ses 0x1ec] IP (tos 0x0, ttl 64, id 10352, offset0, flags [none], proto UDP (17), length 84)81.187.216.64.57077 > 192.43.172.30.53: [udp sum ok] 54578 [1au] A?static.acer.com. ar: . OPT UDPsize=512 OK (56)18:28:52.984237 PPPoE [ses 0x1ec] IP (tos 0x0, ttl 58, id 3165, offset0, flags [none], proto UDP (17), length 534)192.43.172.30.53 > 81.187.216.64.57077: [udp sum ok] 54578-| q: A?static.acer.com. 0/9/3 ns: acer.com. [2d] NS ns1.acer.com., acer.com.[2d] NS ns2.acer.com., acer.com. [2d] NS ns3.acer.com., acer.com. [2d]NS ns4.acer.com., acer.com. [2d] NS ns5.acer.com., acer.com. [2d] NSns6.acer.com., CK0POJMG874LJREF7EFN8430QVIT8BSM.com. [1d] Type50,CK0POJMG874LJREF7EFN8430QVIT8BSM.com. [1d] RRSIG,T2AQSNVH0N0GGDLJ8T58H3IIBS6GN560.com. [1d] Type50 ar: ns1.acer.com. [2d]A 193.0.238.131, ns2.acer.com. [2d] A 193.194.129.131, . OPTUDPsize=4096 OK (506)18:28:52.985172 PPPoE [ses 0x1ec] IP (tos 0x0, ttl 64, id 0, offset 0,flags [DF], proto TCP (6), length 64)81.187.216.64.60578 > 192.43.172.30.53: Flags [S], cksum 0xc675(correct), seq 1473385615, win 32768, options [mss 1468,nop,wscale3,sackOK,nop,nop,nop,nop,TS val 1 ecr 0], length 018:28:52.995587 PPPoE [ses 0x1ec] IP (tos 0x0, ttl 59, id 0, offset 0,flags [DF], proto TCP (6), length 60)192.43.172.30.53 > 81.187.216.64.60578: Flags [S.], cksum 0x1048(correct), seq 960381313, ack 1473385616, win 14480, options [mss1460,sackOK,TS val 2078546163 ecr 1,nop,wscale 7], length 018:28:52.995735 PPPoE [ses 0x1ec] IP (tos 0x0, ttl 64, id 0, offset 0,flags [DF], proto TCP (6), length 52)81.187.216.64.60578 > 192.43.172.30.53: Flags [.], cksum 0x6728(correct), seq 1, ack 1, win 4220, options [nop,nop,TS val 1 ecr2078546163], length 018:28:52.996267 PPPoE [ses 0x1ec] IP (tos 0x0, ttl 64, id 10353, offset0, flags [DF], proto TCP (6), length 110)81.187.216.64.60578 > 192.43.172.30.53: Flags [P.], cksum 0x07f9(correct), seq 1:59, ack 1, win 4220, options [nop,nop,TS val 1 ecr2078546163], length 5840481 [1au] A? static.acer.com. ar: . OPTUDPsize=4096 OK (56)18:28:53.006511 PPPoE [ses 0x1ec] IP (tos 0x0, ttl 59, id 22911, offset0, flags [DF], proto TCP (6), length 52)192.43.172.30.53 > 81.187.216.64.60578: Flags [.], cksum 0x76ed(correct), seq 1, ack 59, win 114, options [nop,nop,TS val 2078546174ecr 1], length 018:28:53.006523 PPPoE [ses 0x1ec] IP (tos 0x0, ttl 59, id 22912, offset0, flags [DF], proto TCP (6), length 787)192.43.172.30.53 > 81.187.216.64.60578: Flags [P.], cksum 0x73a8(correct), seq 1:736, ack 59, win 114, options [nop,nop,TS val2078546174 ecr 1], length 73540481- q: A? static.acer.com. 0/10/7 ns:acer.com. [2d] NS ns1.acer.com., acer.com. [2d] NS ns2.acer.com.,acer.com. [2d] NS ns3.acer.com., acer.com. [2d] NS ns4.acer.com.,acer.com. [2d] NS ns5.acer.com., acer.com. [2d] NS ns6.acer.com.,CK0POJMG874LJREF7EFN8430QVIT8BSM.com. [1d] Type50,CK0POJMG874LJREF7EFN8430QVIT8BSM.com. [1d] RRSIG,T2AQSNVH0N0GGDLJ8T58H3IIBS6GN560.com. [1d] Type50,T2AQSNVH0N0GGDLJ8T58H3IIBS6GN560.com. [1d] RRSIG ar: ns1.acer.com. [2d]A 193.0.238.131, ns2.acer.com. [2d] A 193.194.129.131, ns3.acer.com.[2d] A 210.63.100.11, ns4.acer.com. [2d] A 210.63.96.11, ns5.acer.com.[2d] A 208.203.4.141, ns6.acer.com. [2d] A 63.66.78.35, . OPTUDPsize=4096 OK (733)18:28:53.007811 PPPoE [ses 0x1ec] IP (tos 0x0, ttl 64, id 0, offset 0,flags [DF], proto TCP (6), length 52)81.187.216.64.60578 > 192.43.172.30.53: Flags [F.], cksum 0x6403(correct), seq 59, ack 736, win 4220, options [nop,nop,TS val 1 ecr2078546174], length 018:28:53.009456 PPPoE [ses 0x1ec] IP (tos 0x0, ttl 64, id 10354, offset0, flags [none], proto UDP (17), length 84)81.187.216.64.60142 > 63.66.78.35.53: [udp sum ok] 28270 [1au] A?static.acer.com. ar: . OPT UDPsize=512 OK (56)18:28:53.017882 PPPoE [ses 0x1ec] IP (tos 0x0, ttl 59, id 22913, offset0, flags [DF], proto TCP (6), length 52)192.43.172.30.53 > 81.187.216.64.60578: Flags [F.], cksum 0x7401(correct), seq 736, ack 60, win 114, options [nop,nop,TS val 2078546185ecr 1], length 018:28:53.018006 PPPoE [ses 0x1ec] IP (tos 0x0, ttl 64, id 0, offset 0,flags [DF], proto TCP (6), length 52)81.187.216.64.60578 > 192.43.172.30.53: Flags [.], cksum 0x63f7(correct), seq 60, ack 737, win 4220, options [nop,nop,TS val 1 ecr2078546185], length 018:28:53.135792 PPPoE [ses 0x1ec] IP (tos 0x0, ttl 241, id 64275,offset 0, flags [DF], proto UDP (17), length 225)63.66.78.35.53 > 81.187.216.64.60142: [udp sum ok] 28270*- q: A?static.acer.com. 1/3/5 static.acer.com. [1d] CNAMEstatic-akamai.gtm.acer.com. ns: gtm.acer.com. [5m] NS gtm2.acer.com.,gtm.acer.com. [5m] NS gtm1.acer.com., gtm.acer.com. [5m] NSgtm3.acer.com. ar: gtm1.acer.com. [1d] A 193.0.238.134, gtm2.acer.com.[1d] A 122.146.111.24, gtm2.acer.com. [1d] A 210.241.130.24,gtm3.acer.com. [1d] A 199.107.120.136, . OPT UDPsize=4096 OK (197)18:28:53.137843 PPPoE [ses 0x1ec] IP6 (flowlabel 0x2cf0a, hlim 64,next-header UDP (17) payload length: 76) 2001:8b0:84:1::1.64955 >2001:502:ad09::23.53: [udp sum ok] 59781 [1au] Type32769?static.acer.com.dlv.isc.org. ar: . OPT UDPsize=512 OK (68)18:28:53.149193 PPPoE [ses 0x1ec] IP6 (hlim 58, next-header UDP (17)payload length: 64) 2001:502:ad09::23.53 > 2001:8b0:84:1::1.64955: [udpsum ok] 59781 NXDomain*-| q: Type32769? static.acer.com.dlv.isc.org.0/0/1 ar: . OPT UDPsize=4096 OK (56)18:28:53.150192 PPPoE [ses 0x1ec] IP6 (flowlabel 0x3e9da, hlim 64,next-header TCP (6) payload length: 44) 2001:8b0:84:1::1.63913 >2001:502:ad09::23.53: Flags [S], cksum 0xaa68 (correct), seq 1481817608,win 32768, options [mss 1448,nop,wscale 3,sackOK,nop,nop,nop,nop,TS val1 ecr 0], length 018:28:53.161708 PPPoE [ses 0x1ec] IP6 (hlim 58, next-header TCP (6)payload length: 32) 2001:502:ad09::23.53 > 2001:8b0:84:1::1.63913: Flags[S.], cksum 0x2aa5 (correct), seq 935839941, ack 1481817609, win 14400,options [mss 1440,nop,nop,sackOK,nop,wscale 9], length 018:28:53.161874 PPPoE [ses 0x1ec] IP6 (flowlabel 0x3e9da, hlim 64,next-header TCP (6) payload length: 20) 2001:8b0:84:1::1.63913 >2001:502:ad09::23.53: Flags [.], cksum 0x9362 (correct), seq 1, ack 1,win 4163, length 018:28:53.162416 PPPoE [ses 0x1ec] IP6 (flowlabel 0x3e9da, hlim 64,next-header TCP (6) payload length: 90) 2001:8b0:84:1::1.63913 >2001:502:ad09::23.53: Flags [P.], cksum 0xa63e (correct), seq 1:71, ack1, win 4163, length 7012946 [1au] Type32769?static.acer.com.dlv.isc.org. ar: . OPT UDPsize=4096 OK (68)18:28:53.173538 PPPoE [ses 0x1ec] IP6 (hlim 58, next-header TCP (6)payload length: 20) 2001:502:ad09::23.53 > 2001:8b0:84:1::1.63913: Flags[.], cksum 0xa342 (correct), seq 1, ack 71, win 29, length 018:28:53.173548 PPPoE [ses 0x1ec] IP6 (hlim 58, next-header TCP (6)payload length: 773) 2001:502:ad09::23.53 > 2001:8b0:84:1::1.63913:Flags [P.], cksum 0xc877 (correct), seq 1:754, ack 71, win 29, length75312946 NXDomain*- q: Type32769? static.acer.com.dlv.isc.org. 0/6/1 ns:dlv.isc.org. [1h] SOA ns-int.isc.org. hostmaster.isc.org. 20160326037200 3600 2419200 3600, dlv.isc.org. [1h] RRSIG,absoluteopenbsd.com.dlv.isc.org. [1h] NSEC,absoluteopenbsd.com.dlv.isc.org. [1h] RRSIG, toxi.co.dlv.isc.org. [1h]NSEC, toxi.co.dlv.isc.org. [1h] RRSIG ar: . OPT UDPsize=4096 OK (751)18:28:53.174345 PPPoE [ses 0x1ec] IP6 (flowlabel 0x3e9da, hlim 64,next-header TCP (6) payload length: 20) 2001:8b0:84:1::1.63913 >2001:502:ad09::23.53: Flags [F.], cksum 0x902a (correct), seq 71, ack754, win 4163, length 018:28:53.181748 PPPoE [ses 0x1ec] IP (tos 0x0, ttl 64, id 10355, offset0, flags [none], proto UDP (17), length 84)81.187.216.64.60231 > 199.6.0.29.53: [udp sum ok] 49358 [1au]Type32769? com.dlv.isc.org. ar: . OPT UDPsize=512 OK (56)18:28:53.185600 PPPoE [ses 0x1ec] IP6 (hlim 58, next-header TCP (6)payload length: 20) 2001:502:ad09::23.53 > 2001:8b0:84:1::1.63913: Flags[F.], cksum 0xa04f (correct), seq 754, ack 72, win 29, length 018:28:53.185773 PPPoE [ses 0x1ec] IP6 (flowlabel 0x3e9da, hlim 64,next-header TCP (6) payload length: 20) 2001:8b0:84:1::1.63913 >2001:502:ad09::23.53: Flags [.], cksum 0x9029 (correct), seq 72, ack755, win 4163, length 018:28:53.276226 PPPoE [ses 0x1ec] IP (tos 0x0, ttl 58, id 18090, offset0, flags [none], proto UDP (17), length 532)199.6.0.29.53 > 81.187.216.64.60231: [udp sum ok] 49358*- q:Type32769? com.dlv.isc.org. 0/4/1 ns: dlv.isc.org. [1h] SOAns-int.isc.org. hostmaster.isc.org. 2016032603 7200 3600 2419200 3600,dlv.isc.org. [1h] RRSIG, toxi.co.dlv.isc.org. [1h] NSEC,toxi.co.dlv.isc.org. [1h] RRSIG ar: . OPT UDPsize=4096 OK (504)18:28:53.283693 PPPoE [ses 0x1ec] IP (tos 0x0, ttl 64, id 10356, offset0, flags [none], proto UDP (17), length 95)81.187.216.64.57686 > 193.194.129.131.53: [udp sum ok] 31038 [1au]A? static-akamai.gtm.acer.com. ar: . OPT UDPsize=512 OK (67)18:28:53.311830 PPPoE [ses 0x1ec] IP (tos 0x0, ttl 49, id 54029, offset0, flags [none], proto UDP (17), length 204)193.194.129.131.53 > 81.187.216.64.57686: [udp sum ok] 31038- q: A?static-akamai.gtm.acer.com. 0/3/5 ns: gtm.acer.com. [5m] NSgtm2.acer.com., gtm.acer.com. [5m] NS gtm1.acer.com., gtm.acer.com. [5m]NS gtm3.acer.com. ar: gtm1.acer.com. [1d] A 193.0.238.134,gtm2.acer.com. [1d] A 122.146.111.24, gtm2.acer.com. [1d] A210.241.130.24, gtm3.acer.com. [1d] A 199.107.120.136, . OPTUDPsize=4096 OK (176)18:28:53.313832 PPPoE [ses 0x1ec] IP (tos 0x0, ttl 64, id 10357, offset0, flags [none], proto UDP (17), length 95)81.187.216.64.61636 > 210.241.130.24.53: [udp sum ok] 38321 [1au]A? static-akamai.gtm.acer.com. ar: . OPT UDPsize=512 OK (67)18:28:53.652369 PPPoE [ses 0x1ec] IP (tos 0x0, ttl 237, id 59536,offset 0, flags [DF], proto UDP (17), length 135)210.241.130.24.53 > 81.187.216.64.61636: [udp sum ok] 38321NXDomain*- q: A? static-akamai.gtm.acer.com. 0/1/1 ns: gtm.acer.com.[1m] SOA gtm1.acer.com. hostmaster.gtm1.acer.com. 686 10800 3600 60480060 ar: . OPT UDPsize=4096 OK (107)

bash-4.3#

All I can see is that it appears to be queryingstatic-akamai.gtm.acer.com as an A record rather than the cname itactually is but that's where my DNS expertise ends.


Mike

Follow-Ups:
- Re: bind vs glue records (fwd)
  - From: Rhialto

References:
- bind vs glue records (fwd)
  - From: Stephen Borrill
- Re: bind vs glue records (fwd)
  - From: Christos Zoulas

Prev by Date: Re: Simplify bridge(4)
Next by Date: Re: bind vs glue records (fwd)
Previous by Thread: Re: bind vs glue records (fwd)
Next by Thread: Re: bind vs glue records (fwd)
Indexes:

Home | Main Index | Thread Index | Old Index