Hmm, B has the same one, and C has all the other Roots listed as A records. Would/could this really cause any sort of an issue though? Regards, -Joe Blanchard On Mon, 10 Oct 2005, Peter Dambier wrote:
See with your own eyes:
; <<>> DiG 9.1.3 <<>> -t any . @a.public-root.net ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 18588 ;; flags: qr aa rd; QUERY: 1, ANSWER: 15, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION: ;. IN ANY
;; ANSWER SECTION: . 172800 IN SOA a.public-root.net. hostmaster.public-root.net.\ 2005101006 43200 3600 1209600 14400 . 172800 IN A 57.67.193.188 . 172800 IN NS k.public-root.net. . ... . 172800 IN NS j.public-root.net.
;; Query time: 81 msec ;; SERVER: 205.189.71.2#53(a.public-root.net) ;; WHEN: Mon Oct 10 16:01:11 2005
Joe Blanchard wrote:
Hmm, B has the same one, and C has all the other Roots listed as A records. Would/could this really cause any sort of an issue though?
Its not records like a.public-root.net. 369 IN A 205.189.71.2 that are the issue. That's as it should be. (Well... if you accept that public-root should be. ;-) ) This record, however, is not correct: . 172800 IN A 57.67.193.188 That is the root. For those of you who need reminding on how DNS works... . the root / | \ / | \ / | \ .com .net .org top level domains | | | | yahoo bgp4 domain names | | | | www sea host (or subdomain) The trailing dot is left out in day to day use when we use URLS like www.yahoo.com - however, its really www.yahoo.com. - note the dot on the end. That's the root. Having an A record for the root is one better than having an A record for, say, .edu. In other words, this shouldn't work: [aura.sea.bgp4.net] (ciscogeek) nslookup . a.public-root.net Server: a.public-root.net Address: 205.189.71.2#53 Name: . Address: 57.67.193.188 As for what issues it could cause, I'm not sure. I can't think of any off hand, but who knows what poorly written application may not be expecting an A record for the root. For most people though, it doesn't matter, because they aren't using public-root in the first place. I now return you to the Cogent/Level3 thread.
Janet Sullivan <ciscogeek@bgp4.net> wrote: [...]
Having an A record for the root is one better than having an A record for, say, .edu. In other words, this shouldn't work:
The content at http://57.67.193.188/ made me wonder if they'd not in fact put in a *wildcard* record in the root zone. It turns out that they haven't, so there's still some more lack of DNS Clue that hasn't yet been demonstrated. -- My swerver room, my patch panels. By the time they figure out why none of the ports on their floor box work anymore I'll be done, dusted and down the pub with a pint of something brewed with yeast that was smarter than they are. - a fed up BOFH in the Monastery
participants (3)
-
abuse@cabal.org.uk
-
Janet Sullivan
-
Joe Blanchard