Feeds:
Posts
Comments

Archive for September 1st, 2010

Check out your glue

Posted in Informatica e reti, tagged , on 1 September 2010| Leave a Comment »

Bind 9.7 si sta rivelando estremamente schizzinoso per quanto riguarda deleghe e glue record delle zone che risolve.

Se il record A fornito dal parent non batte con quello fornito dalla zona child, bind bellamente lo cassa.

Ergo: se tutte le deleghe sono a farfalle, rifiuta di risolvere la zona, dato che non rimangono record NS a cui fare affidamento.

Questo, ad esempio, quello che mi è capitato sotto il naso quest’oggi:

zarathustra:~ skull$ dig ns +trace aroma-polifarma.com

; <<>> DiG 9.6.0-APPLE-P2 <<>> ns +trace aroma-polifarma.com
;; global options: +cmd
[…]
aroma-polifarma.com.    172800  IN      NS      ns5.ticariyer.com.
aroma-polifarma.com.    172800  IN      NS      ns6.ticariyer.com.
;; Received 115 bytes from 192.31.80.30#53(d.gtld-servers.net) in 141 ms

aroma-polifarma.com.    86400   IN      NS      ns6.ticariyer.com.
aroma-polifarma.com.    86400   IN      NS      ns5.ticariyer.com.
;; Received 115 bytes from 85.153.27.39#53(ns5.ticariyer.com) in 65 ms

Ora: se domandiamo chi siano i DNS alla zona parent otteniamo una risposta:

zarathustra:~ skull$ dig +noall +norec +authority +answer +additional ns aroma-polifarma.com @d.gtld-servers.net
aroma-polifarma.com.    172800  IN      NS      ns5.ticariyer.com.
aroma-polifarma.com.    172800  IN      NS      ns6.ticariyer.com.
ns5.ticariyer.com.      172800  IN      A       85.153.27.41
ns6.ticariyer.com.      172800  IN      A       85.153.27.42

Se invece domandiamo alla zona child…

zarathustra:~ skull$ dig +noall +norec +authority +answer +additional ns aroma-polifarma.com @85.153.27.41
aroma-polifarma.com.    31876   IN      NS      ns5.ticariyer.com.
aroma-polifarma.com.    31876   IN      NS      ns6.ticariyer.com.
ns5.ticariyer.com.      6767    IN      A       85.153.27.39
ns6.ticariyer.com.      9863    IN      A       85.153.27.40

…ne otteniamo un’altra.

Come risultato:

zarathustra:~ skull$ dig ns aroma-polifarma.com @dns2.spin.it

; <<>> DiG 9.6.0-APPLE-P2 <<>> ns aroma-polifarma.com @dns2.spin.it
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 9114
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;aroma-polifarma.com.           IN      NS

;; Query time: 135 msec
;; SERVER: 2a02:9a8:1::ff03#53(2a02:9a8:1::ff03)
;; WHEN: Wed Sep  1 18:03:49 2010
;; MSG SIZE  rcvd: 37

Mentre nei log del resolver:

Sep  1 18:03:49 dns2 named[32465]: DNS format error from 85.153.27.41#53 resolving aroma-polifarma.com/NS for client 2a02:9a8:1:100::ff3c#53124: sideways referral
Sep  1 18:03:49 dns2 named[32465]: DNS format error from 85.153.27.42#53 resolving aroma-polifarma.com/NS for client 2a02:9a8:1:100::ff3c#53124: sideways referral

Verificate le vostre zone DNS, che è meglio… 😉

Read Full Post »

%d bloggers like this: