On Sat, May 3, 2014 at 10:02 PM, Mark Radabaugh <mark@amplex.net> wrote:
Either way - it breaks Sendmail, some versions of Exchange, and possibly other MTA's. The proper answer to a non-existent AAAA record is NOERROR, with ANSWER 0.
if I ask ns1/2/3/4/5/6.hp.com directly for AAAA for onramp01.hpeprint.com.: ; <<>> DiG 9.8.1-P1 <<>> AAAA onramp01.hpeprint.com. @ns6.hp.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30318 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 6, ADDITIONAL: 6 ;; WARNING: recursion requested but not available ;; QUESTION SECTION: ;onramp01.hpeprint.com. IN AAAA (I get the same result for all ns hosts) if I ask my local bind (ubuntu package == 1:9.8.1.dfsg.P) though I get: $ dig AAAA onramp01.hpeprint.com @localhost ; <<>> DiG 9.8.1-P1 <<>> AAAA onramp01.hpeprint.com @localhost ;; global options: +cmd ;; connection timed out; no servers could be reached That's a bit weird and frustrating.
Hanging or refusing to answer doesn't result in another attempt to look for an A record since the name server failed to respond to a valid query. Given that the whole point of the domain is to enable email printing, HP isn't making it easy.
scott's request LOOKS like a request to 'some resolver' (not directly to them, perhaps his local bind instance? I wonder why 8.8.8.8 returns srvfail? I think one of the google-public-dns people reads nanog, perhaps he knows? (or could fix this which seems to be a bug, to me at least) -chris