checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
11 messages Options
Reply | Threaded
Open this post in threaded view
|

checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints

Stefan Sticht
Hi,

since a couple of weeks i repeatedly see this in all my nameserver logs:

Sep  8 12:12:56 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints
Sep  8 12:13:03 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:84::b) missing from hints
Sep  8 12:13:03 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints
Sep  8 12:13:07 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:84::b) missing from hints
Sep  8 12:13:07 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints
Sep  8 12:13:11 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:84::b) missing from hints
Sep  8 12:13:11 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints

I have two views named internal and external. Only the internal view has this problem. Both views use

         zone "." IN {
                 type hint;
                 file "named.ca";
         };

I update the hints file daily.

All nameservers use bind, some the standard bind on CentOS 6, some the one on Centos7.

  BIND 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.4
  BIND 9.9.4-RedHat-9.9.4-50.el7_3.1

Anyone an idea?

Thanks!

Stefan



_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users

smime.p7s (5K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints

Alberto Colosi

why to write here on the list ?

simply is a problem rom your script (file overwrite) or nist file could be dirty.


I hate automatic update special each day specia for roots inside dns (they change one time every twenty years ... if is a change).


I don't kno nist file, I ever used internic for my dns where installed inside IBM Corporate or inside clients site.


With internic file ever I found fine. Have you simply tried to stop named , put a good root file , clean logs and start named again ?.


If all go fine the hole is inside your home, if not , nist file have some chars dirty or your transfer go in a wrong way.


Even try other sources like internic ... all root files should , HAVE TO BE the same if you want dns to work fine, so all sources SHOULD/COULD be fine.


From my side, let a sugestion, leave CENTOS (forget that exist) and use ubuntu or BETTER fedora core (server) and use last ISC BIND from source (I ever compiled my daemons as like BIND from myself with options and libs as needed and even you can anser mor quick to a vulnerability issue).


As last, don't use beta or RC in a production enviroment.


ITC Security and NetWork Architect and Admin / Engineer

ITC Senior Specialist







From: bind-users <[hidden email]> on behalf of Stefan Sticht <[hidden email]>
Sent: Saturday, September 9, 2017 6:43 PM
To: [hidden email]
Subject: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints
 
Hi,

since a couple of weeks i repeatedly see this in all my nameserver logs:

Sep  8 12:12:56 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints
Sep  8 12:13:03 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:84::b) missing from hints
Sep  8 12:13:03 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints
Sep  8 12:13:07 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:84::b) missing from hints
Sep  8 12:13:07 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints
Sep  8 12:13:11 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:84::b) missing from hints
Sep  8 12:13:11 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints

I have two views named internal and external. Only the internal view has this problem. Both views use

         zone "." IN {
                 type hint;
                 file "named.ca";
         };

I update the hints file daily.

All nameservers use bind, some the standard bind on CentOS 6, some the one on Centos7.

  BIND 9.8.2rc1-RedHat-9.8.2-0.62.rc1.el6_9.4
  BIND 9.9.4-RedHat-9.9.4-50.el7_3.1

Anyone an idea?

Thanks!

Stefan



_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints

Jay Ford-2
In reply to this post by Stefan Sticht
On Sat, 9 Sep 2017, Stefan Sticht wrote:
> since a couple of weeks i repeatedly see this in all my nameserver logs:
>
> Sep  8 12:12:56 ns-01 named[17926]: checkhints: view “internal”:
> b.root-servers.net/AAAA (2001:500:200::b) extra record in hints
> Sep  8 12:13:03 ns-01 named[17926]: checkhints: view “internal”:
> b.root-servers.net/AAAA (2001:500:84::b) missing from hints

I get that, too, with the same view situation, but running BIND 9.10.6 using
the built-in root hints.

A query for view=internal type=AAAA name=b.root-servers.net fixes it for a
while.

________________________________________________________________________
Jay Ford, Network Engineering Group, Information Technology Services
University of Iowa, Iowa City, IA 52242
email: [hidden email], phone: 319-335-5555
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints

Suzanne Woolf
In reply to this post by Stefan Sticht

On Sep 9, 2017, at 12:43 PM, Stefan Sticht <[hidden email]> wrote:

Hi,

since a couple of weeks i repeatedly see this in all my nameserver logs:

Sep  8 12:12:56 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints
Sep  8 12:13:03 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:84::b) missing from hints
Sep  8 12:13:03 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints
Sep  8 12:13:07 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:84::b) missing from hints
Sep  8 12:13:07 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints
Sep  8 12:13:11 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:84::b) missing from hints
Sep  8 12:13:11 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints

You’re looking to an out-of-date source. The AAAA in the global root zone for b.root-servers.net was changed several weeks ago; the “missing” address is the old address, and the “extra record” is the new one.




Suzanne


_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints

Alberto Colosi

I haven't seen as from a while I have no servers to admin

as I ever say to who I teach ....... right source for right content. nist ok but .......... better internic as maintaining DNS


https://www.internic.net/domain/named.root


as obvious , here is right address.






From: bind-users <[hidden email]> on behalf of Suzanne Woolf <[hidden email]>
Sent: Saturday, September 9, 2017 8:11 PM
To: Stefan Sticht
Cc: [hidden email]
Subject: Re: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints
 

On Sep 9, 2017, at 12:43 PM, Stefan Sticht <[hidden email]> wrote:

Hi,

since a couple of weeks i repeatedly see this in all my nameserver logs:

Sep  8 12:12:56 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints
Sep  8 12:13:03 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:84::b) missing from hints
Sep  8 12:13:03 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints
Sep  8 12:13:07 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:84::b) missing from hints
Sep  8 12:13:07 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints
Sep  8 12:13:11 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:84::b) missing from hints
Sep  8 12:13:11 ns-01 named[17926]: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints

You’re looking to an out-of-date source. The AAAA in the global root zone for b.root-servers.net was changed several weeks ago; the “missing” address is the old address, and the “extra record” is the new one.




Suzanne


_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: Re: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints

Mark Andrews

I suspect that you are forwarding your queries and that your forwarder is
returning out-of-date addresses.

In message <[hidden email]>, Alberto Colosi writes:

> I haven't seen as from a while I have no servers to admin
>
> as I ever say to who I teach ....... right source for right content. nist o=
> k but .......... better internic as maintaining DNS
>
>
> https://www.internic.net/domain/named.root
>
>
> [cid:2158d269-d79e-445b-8112-c7fce0fbb65f]
>
> as obvious , here is right address.
>
>
>
>
> ________________________________
> From: bind-users <[hidden email]> on behalf of Suzanne Wo=
> olf <[hidden email]>
> Sent: Saturday, September 9, 2017 8:11 PM
> To: Stefan Sticht
> Cc: [hidden email]
> Subject: Re: checkhints: view =93internal=94: b.root-servers.net/AAAA (2001=
> :500:200::b) extra record in hints
>
>
> On Sep 9, 2017, at 12:43 PM, Stefan Sticht <[hidden email]<mailto:stefan=
> @sticht.net>> wrote:
>
> Hi,
>
> since a couple of weeks i repeatedly see this in all my nameserver logs:
>
> Sep  8 12:12:56 ns-01 named[17926]: checkhints: view =93internal=94: b.root=
> -servers.net/AAAA<http://b.root-servers.net/AAAA> (2001:500:200::b) extra r=
> ecord in hints
> Sep  8 12:13:03 ns-01 named[17926]: checkhints: view =93internal=94: b.root=
> -servers.net/AAAA<http://b.root-servers.net/AAAA> (2001:500:84::b) missing =
> from hints
> Sep  8 12:13:03 ns-01 named[17926]: checkhints: view =93internal=94: b.root=
> -servers.net/AAAA<http://b.root-servers.net/AAAA> (2001:500:200::b) extra r=
> ecord in hints
> Sep  8 12:13:07 ns-01 named[17926]: checkhints: view =93internal=94: b.root=
> -servers.net/AAAA<http://b.root-servers.net/AAAA> (2001:500:84::b) missing =
> from hints
> Sep  8 12:13:07 ns-01 named[17926]: checkhints: view =93internal=94: b.root=
> -servers.net/AAAA<http://b.root-servers.net/AAAA> (2001:500:200::b) extra r=
> ecord in hints
> Sep  8 12:13:11 ns-01 named[17926]: checkhints: view =93internal=94: b.root=
> -servers.net/AAAA<http://b.root-servers.net/AAAA> (2001:500:84::b) missing =
> from hints
> Sep  8 12:13:11 ns-01 named[17926]: checkhints: view =93internal=94: b.root=
> -servers.net/AAAA<http://b.root-servers.net/AAAA> (2001:500:200::b) extra r=
> ecord in hints
>
> You=92re looking to an out-of-date source. The AAAA in the global root zone=
>  for b.root-servers.net<http://b.root-servers.net> was changed several week=
> s ago; the =93missing=94 address is the old address, and the =93extra recor=
> d=94 is the new one.
>
>
>
>
> Suzanne
>
>
> --_000_CY4PR13MB13818A83CA1DFBFFB0D999B1A26A0CY4PR13MB1381namp_
> Content-Type: text/html; charset="Windows-1252"
> Content-Transfer-Encoding: quoted-printable
>
> <html>
> <head>
> <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3DWindows-1=
> 252">
> <style type=3D"text/css" style=3D"display:none;"><!-- P {margin-top:0;margi=
> n-bottom:0;} --></style>
> </head>
> <body dir=3D"ltr">
> <div id=3D"divtagdefaultwrapper" style=3D"font-size:12pt;color:#000000;font=
> -family:Calibri,Helvetica,sans-serif;" dir=3D"ltr">
> <p>I haven't seen as from a while I have no servers to admin <br>
> </p>
> <p>as I ever say to who I teach ....... right source for right content. nis=
> t ok but .......... better internic as maintaining DNS</p>
> <p><br>
> </p>
> <p><a href=3D"https://www.internic.net/domain/named.root" class=3D"OWAAutoL=
> ink" id=3D"LPlnk853868" previewremoved=3D"true">https://www.internic.net/do=
> main/named.root</a></p>
> <p><br>
> </p>
> <p><img size=3D"0" contenttype=3D"image/png" style=3D"max-width: 99.9%;" id=
> =3D"img968046" crossorigin=3D"anonymous" tabindex=3D"0" src=3D"cid:2158d269=
> -d79e-445b-8112-c7fce0fbb65f"></p>
> <p>as obvious , here is right address.</p>
> <p><br>
> </p>
> <p><br>
> </p>
> <br>
> <br>
> <div style=3D"color: rgb(0, 0, 0);">
> <hr tabindex=3D"-1" style=3D"display:inline-block; width:98%">
> <div id=3D"divRplyFwdMsg" dir=3D"ltr"><font style=3D"font-size:11pt" color=
> =3D"#000000" face=3D"Calibri, sans-serif"><b>From:</b> bind-users &lt;bind-=
> [hidden email]&gt; on behalf of Suzanne Woolf &lt;suzworldwide=
> @gmail.com&gt;<br>
> <b>Sent:</b> Saturday, September 9, 2017 8:11 PM<br>
> <b>To:</b> Stefan Sticht<br>
> <b>Cc:</b> [hidden email]<br>
> <b>Subject:</b> Re: checkhints: view =93internal=94: b.root-servers.net/AAA=
> A (2001:500:200::b) extra record in hints</font>
> <div>&nbsp;</div>
> </div>
> <div><br class=3D"">
> <div>
> <blockquote type=3D"cite" class=3D"">
> <div class=3D"">On Sep 9, 2017, at 12:43 PM, Stefan Sticht &lt;<a href=3D"m=
> ailto:[hidden email]" class=3D"">[hidden email]</a>&gt; wrote:</div>
> <br class=3D"Apple-interchange-newline">
> <div class=3D"">Hi,<br class=3D"">
> <br class=3D"">
> since a couple of weeks i repeatedly see this in all my nameserver logs:<br=
>  class=3D"">
> <br class=3D"">
> Sep &nbsp;8 12:12:56 ns-01 named[17926]: checkhints: view =93internal=94: <=
> a href=3D"http://b.root-servers.net/AAAA" class=3D"">
> b.root-servers.net/AAAA</a> (2001:500:200::b) extra record in hints<br clas=
> s=3D"">
> Sep &nbsp;8 12:13:03 ns-01 named[17926]: checkhints: view =93internal=94: <=
> a href=3D"http://b.root-servers.net/AAAA" class=3D"">
> b.root-servers.net/AAAA</a> (2001:500:84::b) missing from hints<br class=3D=
> "">
> Sep &nbsp;8 12:13:03 ns-01 named[17926]: checkhints: view =93internal=94: <=
> a href=3D"http://b.root-servers.net/AAAA" class=3D"">
> b.root-servers.net/AAAA</a> (2001:500:200::b) extra record in hints<br clas=
> s=3D"">
> Sep &nbsp;8 12:13:07 ns-01 named[17926]: checkhints: view =93internal=94: <=
> a href=3D"http://b.root-servers.net/AAAA" class=3D"">
> b.root-servers.net/AAAA</a> (2001:500:84::b) missing from hints<br class=3D=
> "">
> Sep &nbsp;8 12:13:07 ns-01 named[17926]: checkhints: view =93internal=94: <=
> a href=3D"http://b.root-servers.net/AAAA" class=3D"">
> b.root-servers.net/AAAA</a> (2001:500:200::b) extra record in hints<br clas=
> s=3D"">
> Sep &nbsp;8 12:13:11 ns-01 named[17926]: checkhints: view =93internal=94: <=
> a href=3D"http://b.root-servers.net/AAAA" class=3D"">
> b.root-servers.net/AAAA</a> (2001:500:84::b) missing from hints<br class=3D=
> "">
> Sep &nbsp;8 12:13:11 ns-01 named[17926]: checkhints: view =93internal=94: <=
> a href=3D"http://b.root-servers.net/AAAA" class=3D"">
> b.root-servers.net/AAAA</a> (2001:500:200::b) extra record in hints<br clas=
> s=3D"">
> </div>
> </blockquote>
> <div><br class=3D"">
> </div>
> You=92re looking to an out-of-date source. The AAAA in the global root zone=
> &nbsp;for <a href=3D"http://b.root-servers.net" class=3D"">
> b.root-servers.net</a>&nbsp;was changed several weeks ago; the =93missing=
> =94 address is the old address, and the =93extra record=94 is the new one.<=
> /div>
> <div><br class=3D"">
> </div>
> <div><br class=3D"">
> </div>
> <div><br class=3D"">
> </div>
> <div><br class=3D"">
> </div>
> <div>Suzanne</div>
> <div><br class=3D"">
> </div>
> </div>
> </div>
> </div>
> </body>
> </html>
>
> --_000_CY4PR13MB13818A83CA1DFBFFB0D999B1A26A0CY4PR13MB1381namp_--
>
> --_004_CY4PR13MB13818A83CA1DFBFFB0D999B1A26A0CY4PR13MB1381namp_
> Content-Type: image/png; name="pastedImage.png"
> Content-Description: pastedImage.png
> Content-Disposition: inline; filename="pastedImage.png"; size=1721;
> creation-date="Sat, 09 Sep 2017 18:25:54 GMT";
> modification-date="Sat, 09 Sep 2017 18:25:54 GMT"
> Content-ID: <2158d269-d79e-445b-8112-c7fce0fbb65f>
> Content-Transfer-Encoding: base64
>
> iVBORw0KGgoAAAANSUhEUgAAAjEAAAAyCAIAAAAiBh0kAAAGgElEQVR4nO2dW4KrIAxAuxp343Jc
> jxtyT70fjhVCwqto09tzvqbUgRAekWiTxxMAAMAHj08LAAAA8Ac2CQAAvIBNAgAAL2CTAADAC9gk
> AADwAjYJ7mWdHzvTsomvtmX6+25e0+uDsjvK3bBr5U9bifZeBY95WeZEpVdwNmkNZMw5rMrl55fF
> ctluRdOqftJ69mp0OcX8CAZgaarHlierNmXcLfm79OMQbBLcx7ZM4RYTrZh1VszCtkzHRdsynV9f
> Xe6MbZmnU7pAccGfkW6vZp1VHWauD+WMZA669QjGQik/KnmNlJhBxXaNuWfq8xRnFnblEK6tnubx
> qhn380OHflyCTYIPYa3ngHgzOLeCq8u9sS3zsr5sprU33YiwSUW9ibFOOxLVZJU3NKi1m5ZLY2PI
> Ke9jZmljautpHa/SuCftptJ+IdgkuJnDtRGuzm2ZT1fI+YW0GfqN6/hyb+xybi/fU7ThfcJPE7mJ
> KjbAaDt9GCbp6KdVfn5q2HN1/VgOZFXO/ZN6H9NcT9t4meOecYBjkwD6ED6NR/iI5C7b81026ZDQ
> kDPwfV2OOCcVGw5smOrIelXVZZPEAxzDTIb6sc831qMY6SDrrUeXx8Acd85JABcQrKh4fb4WX7y6
> DF/KBeXeODW1zvNq2c4b9yKhqqLmwhF9mJ6s8b67iOD/Cj49Iefff+/2UnS8uR5VHlNiY9yzt0//
> sU3a7z6+unfgi9CPIVZr8FXksF+CZ8Lh5ReX+yLQyLZMr3tv8XbBjTY1akqIoe0b4R4ajXTLOw5B
> A3UdtfUjTzuarRJOt+e2TNM02f0q15MfL0Vvxrjb7R6Xavr5mv0cmwR3ErhZUgeN8iZ44AWRu8G1
> 5X546SWxRNmXjq8jeec4MRmxNmUHnuv8iMyPXYssb3uOZehHeWd6Xkty7p8jGZvryY+X1Js57la7
> Bf18zX6O7w4AALyATQIAAC9gkwAAwAvYJAAA8AI2CQAAvIBNAgAAL2CTAADAC5pNIhb9/jWx6K+A
> XBXNZH7U9TGi2ZuUp/rMRmhTsCPJ6eVWu/nK06qa6sn1y5hXlt7ghXFOIhZ9Tz22PAa/FoueXBVv
> sM7Tst6UIqnEHpsgDbcW61Nfa3awHaOaKPaHXk8cG6IiTHl003POQ0P+VjnNeWXpDQLqbBKx6IlF
> PxxyVTSxS+dqO0uFETGHVFlb1WxdH5bHfzetQWGfyvJXVFSYV64G0R+mTQqOtlWH4dADZ5ikM46h
> Xn5+Ihb9fxyLnlwVPRwT1NN+lj0n6QffZvmt60V5t3szNhhl+avkLMwrT2PokLpzErHoiUU/GnJV
> NBAMuaPRV6dn9EBWeXbXIrx1fVK+Lcvr4xlWt6oFWX9O/lo5sUnvUGGT0o/a9WegQGLRp/KYEv9i
> LPoDclXUIm/KnMhZ2Fvlztx2hLGu18ozh5RSIxlV1lWky5OdV9ikLDU2iVj0lfUQi74AuSq6sN/B
> +SzZvTXUZ9bVoq4L/XqzntivM8vtxFoXOUUa3poqOQvzCpuUpeZdcGLRV9ZDLPoiGb+//hbuz+eq
> EI8Wk8n3CeS5LXzBTpmeckKX9nrr+kw9esNG/Wc7qbUwq2mQM/7OkPLTY+gXfjMLAABewCYBAIAX
> sEkAAOAFbBIAAHgBmwQAAF7AJgEAgBewSQAA4AVyVZCr4l7IVdGM9aOuUeU9tOZosMqjVdDQbFLR
> oPEd1a964l/LA7kq9j/JVXEL9hgZsc2smP9Xl3vEylUxqryB5hwNw3I3GJEXBo3vsH418nUL+VLI
> VZG0SK6KeyBXRRNWropR5W8K9nw+u/VsTnPtVKKH1epotxT35N1+WfUr5escukd+3T6Rq+L4pM4z
> clWM5/AgxTEUyVWRx8pVMaq8l6ocDV1xsg2bpO1LXe3mbdL7/WqySY/4GcY3r++3IVeFEJZcFTex
> kauinmDIpe9oSHkntTkaLsndEPVl7PgO6lc10gr5PrFfDbkqzv8mV8W9kKuiFnlTFsg/pLyHlhwN
> BT13ntnOfxs5vgP7VY1c7n5n4h2QqyKqjVwVl0Kuii6u8td1b32266RLz9W+u2iriNZvR7vqehzY
> r0bfnb0x/RrkqrAP3+SqGE+gIuVmVOkYuSqMXBVimnWXd/ibmnM0WOVSuIrnMdbz2vbxTesf1q+M
> /MY+EP7yxK0H+Sb4zSwAAHgBmwQAAF7AJgEAgBewSQAA4AVsEgAAeAGbBAAAXvgHTj0unmsfMQUA
> AAAASUVORK5CYII=
>
> --_004_CY4PR13MB13818A83CA1DFBFFB0D999B1A26A0CY4PR13MB1381namp_--
>
> --===============5302062206301811095==
> Content-Type: text/plain; charset="us-ascii"
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
> Content-Disposition: inline
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> [hidden email]
> https://lists.isc.org/mailman/listinfo/bind-users
> --===============5302062206301811095==--
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: [hidden email]
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: Re: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints

Jay Ford-2
On Sun, 10 Sep 2017, Mark Andrews wrote:
> I suspect that you are forwarding your queries and that your forwarder is
> returning out-of-date addresses.

<snip>

No forwarding here.

________________________________________________________________________
Jay Ford, Network Engineering Group, Information Technology Services
University of Iowa, Iowa City, IA 52242
email: [hidden email], phone: 319-335-5555
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints

Stefan Sticht
In reply to this post by Mark Andrews
Hi,

thanks for all the suggestions.

I have no forwarders configured.
I started downloading and using the hints file from ftp://FTP.INTERNIC.NET/domain/named.cache shortly after I noticed the problem.

# grep B.ROOT /var/named/named.ca
.                        3600000      NS    B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET.      3600000      A     192.228.79.201
B.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:200::b

I wouldn’t expect a problem with my hints file.

Thanks,
Stefan

> On 10 Sep 2017, at 00:30, Mark Andrews <[hidden email]> wrote:
>
>
> I suspect that you are forwarding your queries and that your forwarder is
> returning out-of-date addresses.
>
> In message <[hidden email]>, Alberto Colosi writes:
>> I haven't seen as from a while I have no servers to admin
>>
>> as I ever say to who I teach ....... right source for right content. nist o=
>> k but .......... better internic as maintaining DNS
>>
>>
>> https://www.internic.net/domain/named.root
>>
>>
>> [cid:2158d269-d79e-445b-8112-c7fce0fbb65f]
>>
>> as obvious , here is right address.
>>
>>
>>
>>
>> ________________________________
>> From: bind-users <[hidden email]> on behalf of Suzanne Wo=
>> olf <[hidden email]>
>> Sent: Saturday, September 9, 2017 8:11 PM
>> To: Stefan Sticht
>> Cc: [hidden email]
>> Subject: Re: checkhints: view =93internal=94: b.root-servers.net/AAAA (2001=
>> :500:200::b) extra record in hints
>>
>>
>> On Sep 9, 2017, at 12:43 PM, Stefan Sticht <[hidden email]<mailto:stefan=
>> @sticht.net>> wrote:
>>
>> Hi,
>>
>> since a couple of weeks i repeatedly see this in all my nameserver logs:
>>
>> Sep  8 12:12:56 ns-01 named[17926]: checkhints: view =93internal=94: b.root=
>> -servers.net/AAAA<http://b.root-servers.net/AAAA> (2001:500:200::b) extra r=
>> ecord in hints
>> Sep  8 12:13:03 ns-01 named[17926]: checkhints: view =93internal=94: b.root=
>> -servers.net/AAAA<http://b.root-servers.net/AAAA> (2001:500:84::b) missing =
>> from hints
>> Sep  8 12:13:03 ns-01 named[17926]: checkhints: view =93internal=94: b.root=
>> -servers.net/AAAA<http://b.root-servers.net/AAAA> (2001:500:200::b) extra r=
>> ecord in hints
>> Sep  8 12:13:07 ns-01 named[17926]: checkhints: view =93internal=94: b.root=
>> -servers.net/AAAA<http://b.root-servers.net/AAAA> (2001:500:84::b) missing =
>> from hints
>> Sep  8 12:13:07 ns-01 named[17926]: checkhints: view =93internal=94: b.root=
>> -servers.net/AAAA<http://b.root-servers.net/AAAA> (2001:500:200::b) extra r=
>> ecord in hints
>> Sep  8 12:13:11 ns-01 named[17926]: checkhints: view =93internal=94: b.root=
>> -servers.net/AAAA<http://b.root-servers.net/AAAA> (2001:500:84::b) missing =
>> from hints
>> Sep  8 12:13:11 ns-01 named[17926]: checkhints: view =93internal=94: b.root=
>> -servers.net/AAAA<http://b.root-servers.net/AAAA> (2001:500:200::b) extra r=
>> ecord in hints
>>
>> You=92re looking to an out-of-date source. The AAAA in the global root zone=
>> for b.root-servers.net<http://b.root-servers.net> was changed several week=
>> s ago; the =93missing=94 address is the old address, and the =93extra recor=
>> d=94 is the new one.
>>
>>
>>
>>
>> Suzanne
>>
>>
>> --_000_CY4PR13MB13818A83CA1DFBFFB0D999B1A26A0CY4PR13MB1381namp_
>> Content-Type: text/html; charset="Windows-1252"
>> Content-Transfer-Encoding: quoted-printable
>>
>> <html>
>> <head>
>> <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3DWindows-1=
>> 252">
>> <style type=3D"text/css" style=3D"display:none;"><!-- P {margin-top:0;margi=
>> n-bottom:0;} --></style>
>> </head>
>> <body dir=3D"ltr">
>> <div id=3D"divtagdefaultwrapper" style=3D"font-size:12pt;color:#000000;font=
>> -family:Calibri,Helvetica,sans-serif;" dir=3D"ltr">
>> <p>I haven't seen as from a while I have no servers to admin <br>
>> </p>
>> <p>as I ever say to who I teach ....... right source for right content. nis=
>> t ok but .......... better internic as maintaining DNS</p>
>> <p><br>
>> </p>
>> <p><a href=3D"https://www.internic.net/domain/named.root" class=3D"OWAAutoL=
>> ink" id=3D"LPlnk853868" previewremoved=3D"true">https://www.internic.net/do=
>> main/named.root</a></p>
>> <p><br>
>> </p>
>> <p><img size=3D"0" contenttype=3D"image/png" style=3D"max-width: 99.9%;" id=
>> =3D"img968046" crossorigin=3D"anonymous" tabindex=3D"0" src=3D"cid:2158d269=
>> -d79e-445b-8112-c7fce0fbb65f"></p>
>> <p>as obvious , here is right address.</p>
>> <p><br>
>> </p>
>> <p><br>
>> </p>
>> <br>
>> <br>
>> <div style=3D"color: rgb(0, 0, 0);">
>> <hr tabindex=3D"-1" style=3D"display:inline-block; width:98%">
>> <div id=3D"divRplyFwdMsg" dir=3D"ltr"><font style=3D"font-size:11pt" color=
>> =3D"#000000" face=3D"Calibri, sans-serif"><b>From:</b> bind-users &lt;bind-=
>> [hidden email]&gt; on behalf of Suzanne Woolf &lt;suzworldwide=
>> @gmail.com&gt;<br>
>> <b>Sent:</b> Saturday, September 9, 2017 8:11 PM<br>
>> <b>To:</b> Stefan Sticht<br>
>> <b>Cc:</b> [hidden email]<br>
>> <b>Subject:</b> Re: checkhints: view =93internal=94: b.root-servers.net/AAA=
>> A (2001:500:200::b) extra record in hints</font>
>> <div>&nbsp;</div>
>> </div>
>> <div><br class=3D"">
>> <div>
>> <blockquote type=3D"cite" class=3D"">
>> <div class=3D"">On Sep 9, 2017, at 12:43 PM, Stefan Sticht &lt;<a href=3D"m=
>> ailto:[hidden email]" class=3D"">[hidden email]</a>&gt; wrote:</div>
>> <br class=3D"Apple-interchange-newline">
>> <div class=3D"">Hi,<br class=3D"">
>> <br class=3D"">
>> since a couple of weeks i repeatedly see this in all my nameserver logs:<br=
>> class=3D"">
>> <br class=3D"">
>> Sep &nbsp;8 12:12:56 ns-01 named[17926]: checkhints: view =93internal=94: <=
>> a href=3D"http://b.root-servers.net/AAAA" class=3D"">
>> b.root-servers.net/AAAA</a> (2001:500:200::b) extra record in hints<br clas=
>> s=3D"">
>> Sep &nbsp;8 12:13:03 ns-01 named[17926]: checkhints: view =93internal=94: <=
>> a href=3D"http://b.root-servers.net/AAAA" class=3D"">
>> b.root-servers.net/AAAA</a> (2001:500:84::b) missing from hints<br class=3D=
>> "">
>> Sep &nbsp;8 12:13:03 ns-01 named[17926]: checkhints: view =93internal=94: <=
>> a href=3D"http://b.root-servers.net/AAAA" class=3D"">
>> b.root-servers.net/AAAA</a> (2001:500:200::b) extra record in hints<br clas=
>> s=3D"">
>> Sep &nbsp;8 12:13:07 ns-01 named[17926]: checkhints: view =93internal=94: <=
>> a href=3D"http://b.root-servers.net/AAAA" class=3D"">
>> b.root-servers.net/AAAA</a> (2001:500:84::b) missing from hints<br class=3D=
>> "">
>> Sep &nbsp;8 12:13:07 ns-01 named[17926]: checkhints: view =93internal=94: <=
>> a href=3D"http://b.root-servers.net/AAAA" class=3D"">
>> b.root-servers.net/AAAA</a> (2001:500:200::b) extra record in hints<br clas=
>> s=3D"">
>> Sep &nbsp;8 12:13:11 ns-01 named[17926]: checkhints: view =93internal=94: <=
>> a href=3D"http://b.root-servers.net/AAAA" class=3D"">
>> b.root-servers.net/AAAA</a> (2001:500:84::b) missing from hints<br class=3D=
>> "">
>> Sep &nbsp;8 12:13:11 ns-01 named[17926]: checkhints: view =93internal=94: <=
>> a href=3D"http://b.root-servers.net/AAAA" class=3D"">
>> b.root-servers.net/AAAA</a> (2001:500:200::b) extra record in hints<br clas=
>> s=3D"">
>> </div>
>> </blockquote>
>> <div><br class=3D"">
>> </div>
>> You=92re looking to an out-of-date source. The AAAA in the global root zone=
>> &nbsp;for <a href=3D"http://b.root-servers.net" class=3D"">
>> b.root-servers.net</a>&nbsp;was changed several weeks ago; the =93missing=
>> =94 address is the old address, and the =93extra record=94 is the new one.<=
>> /div>
>> <div><br class=3D"">
>> </div>
>> <div><br class=3D"">
>> </div>
>> <div><br class=3D"">
>> </div>
>> <div><br class=3D"">
>> </div>
>> <div>Suzanne</div>
>> <div><br class=3D"">
>> </div>
>> </div>
>> </div>
>> </div>
>> </body>
>> </html>
>>
>> --_000_CY4PR13MB13818A83CA1DFBFFB0D999B1A26A0CY4PR13MB1381namp_--
>>
>> --_004_CY4PR13MB13818A83CA1DFBFFB0D999B1A26A0CY4PR13MB1381namp_
>> Content-Type: image/png; name="pastedImage.png"
>> Content-Description: pastedImage.png
>> Content-Disposition: inline; filename="pastedImage.png"; size=1721;
>> creation-date="Sat, 09 Sep 2017 18:25:54 GMT";
>> modification-date="Sat, 09 Sep 2017 18:25:54 GMT"
>> Content-ID: <2158d269-d79e-445b-8112-c7fce0fbb65f>
>> Content-Transfer-Encoding: base64
>>
>> iVBORw0KGgoAAAANSUhEUgAAAjEAAAAyCAIAAAAiBh0kAAAGgElEQVR4nO2dW4KrIAxAuxp343Jc
>> jxtyT70fjhVCwqto09tzvqbUgRAekWiTxxMAAMAHj08LAAAA8Ac2CQAAvIBNAgAAL2CTAADAC9gk
>> AADwAjYJ7mWdHzvTsomvtmX6+25e0+uDsjvK3bBr5U9bifZeBY95WeZEpVdwNmkNZMw5rMrl55fF
>> ctluRdOqftJ69mp0OcX8CAZgaarHlierNmXcLfm79OMQbBLcx7ZM4RYTrZh1VszCtkzHRdsynV9f
>> Xe6MbZmnU7pAccGfkW6vZp1VHWauD+WMZA669QjGQik/KnmNlJhBxXaNuWfq8xRnFnblEK6tnubx
>> qhn380OHflyCTYIPYa3ngHgzOLeCq8u9sS3zsr5sprU33YiwSUW9ibFOOxLVZJU3NKi1m5ZLY2PI
>> Ke9jZmljautpHa/SuCftptJ+IdgkuJnDtRGuzm2ZT1fI+YW0GfqN6/hyb+xybi/fU7ThfcJPE7mJ
>> KjbAaDt9GCbp6KdVfn5q2HN1/VgOZFXO/ZN6H9NcT9t4meOecYBjkwD6ED6NR/iI5C7b81026ZDQ
>> kDPwfV2OOCcVGw5smOrIelXVZZPEAxzDTIb6sc831qMY6SDrrUeXx8Acd85JABcQrKh4fb4WX7y6
>> DF/KBeXeODW1zvNq2c4b9yKhqqLmwhF9mJ6s8b67iOD/Cj49Iefff+/2UnS8uR5VHlNiY9yzt0//
>> sU3a7z6+unfgi9CPIVZr8FXksF+CZ8Lh5ReX+yLQyLZMr3tv8XbBjTY1akqIoe0b4R4ajXTLOw5B
>> A3UdtfUjTzuarRJOt+e2TNM02f0q15MfL0Vvxrjb7R6Xavr5mv0cmwR3ErhZUgeN8iZ44AWRu8G1
>> 5X546SWxRNmXjq8jeec4MRmxNmUHnuv8iMyPXYssb3uOZehHeWd6Xkty7p8jGZvryY+X1Js57la7
>> Bf18zX6O7w4AALyATQIAAC9gkwAAwAvYJAAA8AI2CQAAvIBNAgAAL2CTAADAC5pNIhb9/jWx6K+A
>> XBXNZH7U9TGi2ZuUp/rMRmhTsCPJ6eVWu/nK06qa6sn1y5hXlt7ghXFOIhZ9Tz22PAa/FoueXBVv
>> sM7Tst6UIqnEHpsgDbcW61Nfa3awHaOaKPaHXk8cG6IiTHl003POQ0P+VjnNeWXpDQLqbBKx6IlF
>> PxxyVTSxS+dqO0uFETGHVFlb1WxdH5bHfzetQWGfyvJXVFSYV64G0R+mTQqOtlWH4dADZ5ikM46h
>> Xn5+Ihb9fxyLnlwVPRwT1NN+lj0n6QffZvmt60V5t3szNhhl+avkLMwrT2PokLpzErHoiUU/GnJV
>> NBAMuaPRV6dn9EBWeXbXIrx1fVK+Lcvr4xlWt6oFWX9O/lo5sUnvUGGT0o/a9WegQGLRp/KYEv9i
>> LPoDclXUIm/KnMhZ2Fvlztx2hLGu18ozh5RSIxlV1lWky5OdV9ikLDU2iVj0lfUQi74AuSq6sN/B
>> +SzZvTXUZ9bVoq4L/XqzntivM8vtxFoXOUUa3poqOQvzCpuUpeZdcGLRV9ZDLPoiGb+//hbuz+eq
>> EI8Wk8n3CeS5LXzBTpmeckKX9nrr+kw9esNG/Wc7qbUwq2mQM/7OkPLTY+gXfjMLAABewCYBAIAX
>> sEkAAOAFbBIAAHgBmwQAAF7AJgEAgBewSQAA4AVyVZCr4l7IVdGM9aOuUeU9tOZosMqjVdDQbFLR
>> oPEd1a964l/LA7kq9j/JVXEL9hgZsc2smP9Xl3vEylUxqryB5hwNw3I3GJEXBo3vsH418nUL+VLI
>> VZG0SK6KeyBXRRNWropR5W8K9nw+u/VsTnPtVKKH1epotxT35N1+WfUr5escukd+3T6Rq+L4pM4z
>> clWM5/AgxTEUyVWRx8pVMaq8l6ocDV1xsg2bpO1LXe3mbdL7/WqySY/4GcY3r++3IVeFEJZcFTex
>> kauinmDIpe9oSHkntTkaLsndEPVl7PgO6lc10gr5PrFfDbkqzv8mV8W9kKuiFnlTFsg/pLyHlhwN
>> BT13ntnOfxs5vgP7VY1c7n5n4h2QqyKqjVwVl0Kuii6u8td1b32266RLz9W+u2iriNZvR7vqehzY
>> r0bfnb0x/RrkqrAP3+SqGE+gIuVmVOkYuSqMXBVimnWXd/ibmnM0WOVSuIrnMdbz2vbxTesf1q+M
>> /MY+EP7yxK0H+Sb4zSwAAHgBmwQAAF7AJgEAgBewSQAA4AVsEgAAeAGbBAAAXvgHTj0unmsfMQUA
>> AAAASUVORK5CYII=
>>
>> --_004_CY4PR13MB13818A83CA1DFBFFB0D999B1A26A0CY4PR13MB1381namp_--
>>
>> --===============5302062206301811095==
>> Content-Type: text/plain; charset="us-ascii"
>> MIME-Version: 1.0
>> Content-Transfer-Encoding: 7bit
>> Content-Disposition: inline
>>
>> _______________________________________________
>> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>>
>> bind-users mailing list
>> [hidden email]
>> https://lists.isc.org/mailman/listinfo/bind-users
>> --===============5302062206301811095==--
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742                 INTERNET: [hidden email]
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> [hidden email]
> https://lists.isc.org/mailman/listinfo/bind-users

_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users

smime.p7s (4K) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Re: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints

Timothe Litt
The most sensible thing to do is ignore the message, and keep named
reasonably up-to-date.

I used to maintain a local hints file with a script that periodically
downloads and updates it (from internic or the DNS), reconfiguring named
when it changes.  It works well - but it's really not worth the effort.
I've switched to just using the built-in hints.

The hints are only used to locate a root server ("root priming"); as the
message indicates, once any one is found, named will query it  for the
current servers/addresses and check for consistency.   It uses the query
results; the multiple hints provide redundancy for the initial query -
but you don't need all 13 (26) to be correct.  The only reason to worry
is if most of the hint addresses go stale at once - which would be
unprecedented in the history of the DNS.

Note that when root server addresses go stale, the convention is that
the old address is kept in service for some time after the change, so
there's plenty of time for clients to catch up with no impact.  For B
root, the plan is at least 6 months.
(https://b.root-servers.org/news/2017/06/01/new-ipv6.html)

There does seem to be an issue where if cache memory size is small &
root references rare, the root server records are evicted - causing the
hints to be re-fetched and the messages repeated.  Arguably, named
should treat these as more precious than other records when doing cache
evictions.

But they're just informational messages.  You should run a reasonably
current version of named for security and performance.  As long as you
do, the built-in hints will be perfectly adequate.  Even if you don't,
the hint addresses from a decade ago are adequate to bootstrap named.
The only good reason to have private hints is if you have an alternate
DNS universe - which is highly discouraged.

For more detail, see
https://kb.isc.org/article/AA-01309/0/Root-hints-a-collection-of-operational-and-configuration-FAQs.html

Bottom line is that these messages are a nuisance & in almost all cases
the most effective use of your time is to ignore them... The effort of
maintaining a private copy of the root hints isn't worthwhile.


Timothe Litt
ACM Distinguished Engineer
--------------------------
This communication may not represent the ACM or my employer's views,
if any, on the matters discussed.

On 09-Sep-17 23:14, Stefan Sticht wrote:

> Hi,
>
> thanks for all the suggestions.
>
> I have no forwarders configured.
> I started downloading and using the hints file from ftp://FTP.INTERNIC.NET/domain/named.cache shortly after I noticed the problem.
>
> # grep B.ROOT /var/named/named.ca
> .                        3600000      NS    B.ROOT-SERVERS.NET.
> B.ROOT-SERVERS.NET.      3600000      A     192.228.79.201
> B.ROOT-SERVERS.NET.      3600000      AAAA  2001:500:200::b
>
> I wouldn’t expect a problem with my hints file.
>
> Thanks,
> Stefan
> .org
> https://lists.isc.org/mailman/listinfo/bind-users


_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: Re: Re: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints

Mark Andrews

In message <[hidden email]>, Timothe Litt writes:
> The most sensible thing to do is ignore the message, and keep named
> reasonably up-to-date.

Well something in the resolution path is changing the answer to
return the old AAAA address which is why I suggested that there may
be a forwarder involved.  One should get a answer like this from
all of the root server addresses.  The exact ordering of the records
may differ.  If one doesn't then something on the path is modifying
the response.

; <<>> DiG 9.12.0-pre-alpha+hotspot+add-prefetch+marka <<>> ns . +norec @a.root-servers.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29723
;; flags: qr aa; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 27

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;. IN NS

;; ANSWER SECTION:
. 518400 IN NS a.root-servers.net.
. 518400 IN NS b.root-servers.net.
. 518400 IN NS c.root-servers.net.
. 518400 IN NS d.root-servers.net.
. 518400 IN NS e.root-servers.net.
. 518400 IN NS f.root-servers.net.
. 518400 IN NS g.root-servers.net.
. 518400 IN NS h.root-servers.net.
. 518400 IN NS i.root-servers.net.
. 518400 IN NS j.root-servers.net.
. 518400 IN NS k.root-servers.net.
. 518400 IN NS l.root-servers.net.
. 518400 IN NS m.root-servers.net.

;; ADDITIONAL SECTION:
a.root-servers.net. 518400 IN A 198.41.0.4
b.root-servers.net. 518400 IN A 192.228.79.201
c.root-servers.net. 518400 IN A 192.33.4.12
d.root-servers.net. 518400 IN A 199.7.91.13
e.root-servers.net. 518400 IN A 192.203.230.10
f.root-servers.net. 518400 IN A 192.5.5.241
g.root-servers.net. 518400 IN A 192.112.36.4
h.root-servers.net. 518400 IN A 198.97.190.53
i.root-servers.net. 518400 IN A 192.36.148.17
j.root-servers.net. 518400 IN A 192.58.128.30
k.root-servers.net. 518400 IN A 193.0.14.129
l.root-servers.net. 518400 IN A 199.7.83.42
m.root-servers.net. 518400 IN A 202.12.27.33
a.root-servers.net. 518400 IN AAAA 2001:503:ba3e::2:30
b.root-servers.net. 518400 IN AAAA 2001:500:200::b
c.root-servers.net. 518400 IN AAAA 2001:500:2::c
d.root-servers.net. 518400 IN AAAA 2001:500:2d::d
e.root-servers.net. 518400 IN AAAA 2001:500:a8::e
f.root-servers.net. 518400 IN AAAA 2001:500:2f::f
g.root-servers.net. 518400 IN AAAA 2001:500:12::d0d
h.root-servers.net. 518400 IN AAAA 2001:500:1::53
i.root-servers.net. 518400 IN AAAA 2001:7fe::53
j.root-servers.net. 518400 IN AAAA 2001:503:c27::2:30
k.root-servers.net. 518400 IN AAAA 2001:7fd::1
l.root-servers.net. 518400 IN AAAA 2001:500:9f::42
m.root-servers.net. 518400 IN AAAA 2001:dc3::35

;; Query time: 179 msec
;; SERVER: 2001:503:ba3e::2:30#53(2001:503:ba3e::2:30)
;; WHEN: Mon Sep 11 10:09:10 AEST 2017
;; MSG SIZE  rcvd: 811

--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: [hidden email]
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users
Reply | Threaded
Open this post in threaded view
|

Re: Re: Re: checkhints: view “internal”: b.root-servers.net/AAAA (2001:500:200::b) extra record in hints

Warren Kumari
On Sun, Sep 10, 2017 at 8:15 PM, Mark Andrews <[hidden email]> wrote:

>
> In message <[hidden email]>, Timothe Litt writes:
>> The most sensible thing to do is ignore the message, and keep named
>> reasonably up-to-date.
>
> Well something in the resolution path is changing the answer to
> return the old AAAA address which is why I suggested that there may
> be a forwarder involved.  One should get a answer like this from
> all of the root server addresses.  The exact ordering of the records
> may differ.  If one doesn't then something on the path is modifying
> the response.

... and here's a (really ugly) bit of bash to allow you to check all of them:
for letter in `echo "abcdefghijklm" | grep -o .` ; do echo "Letter:
${letter}"; dig ns . @${letter}.root-servers.net | grep
b.root-servers.net | grep AAAA; done

W

>
> ; <<>> DiG 9.12.0-pre-alpha+hotspot+add-prefetch+marka <<>> ns . +norec @a.root-servers.net
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29723
> ;; flags: qr aa; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 27
>
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 1232
> ;; QUESTION SECTION:
> ;.                              IN      NS
>
> ;; ANSWER SECTION:
> .                       518400  IN      NS      a.root-servers.net.
> .                       518400  IN      NS      b.root-servers.net.
> .                       518400  IN      NS      c.root-servers.net.
> .                       518400  IN      NS      d.root-servers.net.
> .                       518400  IN      NS      e.root-servers.net.
> .                       518400  IN      NS      f.root-servers.net.
> .                       518400  IN      NS      g.root-servers.net.
> .                       518400  IN      NS      h.root-servers.net.
> .                       518400  IN      NS      i.root-servers.net.
> .                       518400  IN      NS      j.root-servers.net.
> .                       518400  IN      NS      k.root-servers.net.
> .                       518400  IN      NS      l.root-servers.net.
> .                       518400  IN      NS      m.root-servers.net.
>
> ;; ADDITIONAL SECTION:
> a.root-servers.net.     518400  IN      A       198.41.0.4
> b.root-servers.net.     518400  IN      A       192.228.79.201
> c.root-servers.net.     518400  IN      A       192.33.4.12
> d.root-servers.net.     518400  IN      A       199.7.91.13
> e.root-servers.net.     518400  IN      A       192.203.230.10
> f.root-servers.net.     518400  IN      A       192.5.5.241
> g.root-servers.net.     518400  IN      A       192.112.36.4
> h.root-servers.net.     518400  IN      A       198.97.190.53
> i.root-servers.net.     518400  IN      A       192.36.148.17
> j.root-servers.net.     518400  IN      A       192.58.128.30
> k.root-servers.net.     518400  IN      A       193.0.14.129
> l.root-servers.net.     518400  IN      A       199.7.83.42
> m.root-servers.net.     518400  IN      A       202.12.27.33
> a.root-servers.net.     518400  IN      AAAA    2001:503:ba3e::2:30
> b.root-servers.net.     518400  IN      AAAA    2001:500:200::b
> c.root-servers.net.     518400  IN      AAAA    2001:500:2::c
> d.root-servers.net.     518400  IN      AAAA    2001:500:2d::d
> e.root-servers.net.     518400  IN      AAAA    2001:500:a8::e
> f.root-servers.net.     518400  IN      AAAA    2001:500:2f::f
> g.root-servers.net.     518400  IN      AAAA    2001:500:12::d0d
> h.root-servers.net.     518400  IN      AAAA    2001:500:1::53
> i.root-servers.net.     518400  IN      AAAA    2001:7fe::53
> j.root-servers.net.     518400  IN      AAAA    2001:503:c27::2:30
> k.root-servers.net.     518400  IN      AAAA    2001:7fd::1
> l.root-servers.net.     518400  IN      AAAA    2001:500:9f::42
> m.root-servers.net.     518400  IN      AAAA    2001:dc3::35
>
> ;; Query time: 179 msec
> ;; SERVER: 2001:503:ba3e::2:30#53(2001:503:ba3e::2:30)
> ;; WHEN: Mon Sep 11 10:09:10 AEST 2017
> ;; MSG SIZE  rcvd: 811
>
> --
> Mark Andrews, ISC
> 1 Seymour St., Dundas Valley, NSW 2117, Australia
> PHONE: +61 2 9871 4742                 INTERNET: [hidden email]
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
>
> bind-users mailing list
> [hidden email]
> https://lists.isc.org/mailman/listinfo/bind-users



--
I don't think the execution is relevant when it was obviously a bad
idea in the first place.
This is like putting rabid weasels in your pants, and later expressing
regret at having chosen those particular rabid weasels and that pair
of pants.
   ---maf
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list

bind-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/bind-users