On Fri, Jun 08, 2012 at 12:11:20PM +1000, Mark Andrews wrote:
$ dig @pdns3.ultradns.org www.netflix.com. A +norec +short wwwservice--frontend-313423742.us-east-1.elb.amazonaws.com. $ dig @pdns3.ultradns.org www.netflix.com. AAAA +norec +short dualstack.wwwservice--frontend-313423742.us-east-1.elb.amazonaws.com. $ dig @pdns3.ultradns.org www.netflix.com. ANY +short +norec $
Resolving www.netflix.com using ANY RRtype fails with an empty answer section in the DNS response.
Which is just plain BROKEN.
Yup.
This DNS trickery seems to be from the "taking a shower, trying not to get wet" department. And has adverse effects in corner cases. While playing around, I had periods of time where I couldn't resolve the FQDN at all, possibly due some caching of the empty response.
It's not DNS trickery.
The "trickery" is returning different CNAMEs for QTYPE=A and QTYPE=AAAA. I'm not sure what's the goal of that is, but it's 4am here so I have an excuse of not seeing the light. :) Best regards, Daniel -- CLUE-RIPE -- Jabber: dr@cluenet.de -- dr@IRCnet -- PGP: 0xA85C8AA0