I query the PTR Resource Record that is hosted on DNS Server/
115.84.177.8 (reverse zone: 250.0-24.199.212.125.in-addr.arpa). However, >There is a difference between when querying directly the PTR RR and
querying Any RR.
The results of two case below:
*Case 1: Query the PTR RR directly, i meet the error: "Question section >mismatch" like:*
dig @115.84.177.8 250.0-24.199.212.125.in-addr.arpa ptr
;; Question section mismatch: got 255.0.199.212.in-addr.arpa/PTR/IN
;; Question section mismatch: got 255.0.199.212.in-addr.arpa/PTR/IN
;; Question section mismatch: got 255.0.199.212.in-addr.arpa/PTR/IN
What is the error "Query section mismatch"? and the why? Can anybody help
me!
*Case 2: Query Any RR, the result like here*
dig @115.84.177.8 250.0-24.199.212.125.in-addr.arpa any
; <<>> DiG 9.10.4-P3 <<>> @115.84.177.8 250.0-24.199.212.125.in-addr.arpa
any
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12424
;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 3, ADDITIONAL: 21
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;250.0-24.199.212.125.in-addr.arpa. IN ANY
;; ANSWER SECTION:
250.0-24.199.212.125.in-addr.arpa. 360 IN PTR smtp.vss.gov.vn. >250.0-24.199.212.125.in-addr.arpa. 360 IN PTR baohiemxahoi.gov.vn.
;; AUTHORITY SECTION:
199.212.125.in-addr.arpa. 360 IN NS ns.viettelidc.com.vn. >199.212.125.in-addr.arpa. 360 IN NS ns1.viettelidc.com.vn. >199.212.125.in-addr.arpa. 360 IN NS ns2.viettelidc.com.vn.
again, why you query for 250.0-24.199.212.125.in-addr.arpa
under normal circumstances there's no point of querying that name.
On Wed, Aug 19, 2020 at 7:42 AM Matus UHLAR - fantomas
<uhlar@fantomas.sk> wrote:
again, why you query for 250.0-24.199.212.125.in-addr.arpa
under normal circumstances there's no point of querying that name.
Well yes and no. While an individual user would typically not,
resolvers sure will. While trying to resolve
250.199.212.125.in-addr.arpa, it will eventually get to >250.199.212.125.in-addr.arpa CNAME 250.0-24.199.212.125.in-addr.arpa.
Then it will need to resolve the canonical name, and a response like
the original one that was shown will be clearly buggy.
I say "possibly" because from my vantage, all three of >ns{,1,2}.viettelidc.com.vn, the authorities for >0-24.199.212.125.in-addr.arpa, are giving fine answers right now (on
udp; blocked on tcp). This includes the originally reported problem
IP, 115.84.177.8
On 20 Aug 2020, at 00:41, Matus UHLAR - fantomas <uhlar@fantomas.sk> wrote:Presumably because they don’t know that APNIC can delegate the /24s that make up the /17 independently of each other.
On Wed, Aug 19, 2020 at 7:42 AM Matus UHLAR - fantomas
<uhlar@fantomas.sk> wrote:
again, why you query for 250.0-24.199.212.125.in-addr.arpa
under normal circumstances there's no point of querying that name.
On 19.08.20 10:05, tale via bind-users wrote:
Well yes and no. While an individual user would typically not,
resolvers sure will. While trying to resolve
250.199.212.125.in-addr.arpa, it will eventually get to
250.199.212.125.in-addr.arpa CNAME 250.0-24.199.212.125.in-addr.arpa.
my question is why would anyone do this, as this apparently does not make sense.
someone (vietel) illogically delegated whole /24 subnet to broken servers:
199.212.125.in-addr.arpa. 86400 IN NS dns2.vietel.com.vn. 199.212.125.in-addr.arpa. 86400 IN NS dns1.vietel.com.vn.
0.199.212.125.in-addr.arpa has address 125.235.4.59 1.199.212.125.in-addr.arpa is an alias for 1.0-24.199.212.125.in-addr.arpa. ...
255.199.212.125.in-addr.arpa is an alias for 255.0-24.199.212.125.in-addr.arpa.
Then it will need to resolve the canonical name, and a response like
the original one that was shown will be clearly buggy.
I say "possibly" because from my vantage, all three of
ns{,1,2}.viettelidc.com.vn, the authorities for
0-24.199.212.125.in-addr.arpa, are giving fine answers right now (on
udp; blocked on tcp). This includes the originally reported problem
IP, 115.84.177.8
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Fucking windows! Bring Bill Gates! (Southpark the movie) _______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list
ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list--
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
On 20 Aug 2020, at 00:41, Matus UHLAR - fantomas <uhlar@fantomas.sk> wrote: >>
On Wed, Aug 19, 2020 at 7:42 AM Matus UHLAR - fantomas
<uhlar@fantomas.sk> wrote:
again, why you query for 250.0-24.199.212.125.in-addr.arpa
under normal circumstances there's no point of querying that name.
On 19.08.20 10:05, tale via bind-users wrote:
Well yes and no. While an individual user would typically not,
resolvers sure will. While trying to resolve
250.199.212.125.in-addr.arpa, it will eventually get to
250.199.212.125.in-addr.arpa CNAME 250.0-24.199.212.125.in-addr.arpa.
my question is why would anyone do this, as this apparently does not make
sense.
Presumably because they don’t know that APNIC can delegate the /24s that make
up the /17 independently of each other.
someone (vietel) illogically delegated whole /24 subnet to broken servers: >>
199.212.125.in-addr.arpa. 86400 IN NS dns2.vietel.com.vn.
199.212.125.in-addr.arpa. 86400 IN NS dns1.vietel.com.vn.
0.199.212.125.in-addr.arpa has address 125.235.4.59
1.199.212.125.in-addr.arpa is an alias for 1.0-24.199.212.125.in-addr.arpa. >> ...
255.199.212.125.in-addr.arpa is an alias for 255.0-24.199.212.125.in-addr.arpa.
24s thatmakeOn 20 Aug 2020, at 00:41, Matus UHLAR - fantomas <uhlar@fantomas.sk> wrote:
On Wed, Aug 19, 2020 at 7:42 AM Matus UHLAR - fantomas
<uhlar@fantomas.sk> wrote:
again, why you query for 250.0-24.199.212.125.in-addr.arpa
under normal circumstances there's no point of querying that name.
On 19.08.20 10:05, tale via bind-users wrote:
Well yes and no. While an individual user would typically not,
resolvers sure will. While trying to resolve
250.199.212.125.in-addr.arpa, it will eventually get to
250.199.212.125.in-addr.arpa CNAME 250.0-24.199.212.125.in-addr.arpa.
my question is why would anyone do this, as this apparently does not
sense.
On 20.08.20 00:59, Mark Andrews wrote:
Presumably because they don=E2=80=99t know that APNIC can delegate the /=
make
up the /17 independently of each other.
even if not, they can fetch whole /24 from their customer (requiring
customer to add their NSes as long).
but, yes, in case of very incompetent customer they can require such delegation.
Sservers:someone (vietel) illogically delegated whole /24 subnet to broken
199.212.125.in-addr.arpa. 86400 IN NS dns2.vietel.com.vn.
199.212.125.in-addr.arpa. 86400 IN NS dns1.vietel.com.vn.
0.199.212.125.in-addr.arpa has address 125.235.4.59
1.199.212.125.in-addr.arpa is an alias for 1.0-24.199.212.125.in-addr.arpa.
...
255.199.212.125.in-addr.arpa is an alias for 255.0-24.199.212.125.in-addr.arpa.
delegation from apnic to vietel:
199.212.125.in-addr.arpa. 86400 IN NS dns2.vietel.com.vn. 199.212.125.in-addr.arpa. 86400 IN NS dns1.vietel.com.vn. 199.212.125.in-addr.arpa. 3600 IN NSEC 2.212.125.in-addr.arpa. N=
RRSIG NSEC
199.212.125.in-addr.arpa. 3600 IN RRSIG NSEC 13 5 3600
20200917160047 20200818150047 30887 125.in-addr.arpa. 5ixPuj/J+cDFSDwxy3MSMs1xkmpGrdzhrmjiodo6CkEBazwUxojGfIYU R5MNZCbDoMZEF4Fq8eL9lcsZgrBctA=3D=3D
;; Received 321 bytes from 203.119.95.53#53(ns2.apnic.net) in 255 ms
delegation from vietel to vietelidc:
0-24.199.212.125.in-addr.arpa. 86400 IN NS ns.viettelidc.com.vn. 0-24.199.212.125.in-addr.arpa. 86400 IN NS ns2.viettelidc.com.vn. 0-24.199.212.125.in-addr.arpa. 86400 IN NS ns1.viettelidc.com.vn.
;; Received 160 bytes from 203.113.188.2#53(dns2.vietel.com.vn) in 367 ms
zone 199.212.125.in-addr.arpa. at vietelidc who is supposed to provide 0-24.199.212.125.in-addr.arpa:
199.212.125.in-addr.arpa. 2560 IN SOA ns.viettelidc.com.vn. hostmaster.199.212.125.in-addr.arpa. 1597850355 16384 2048 1048576 2560
;; Received 129 bytes from 115.84.181.10#53(ns2.viettelidc.com.vn) in 291
ms
vietelidc is in this case the problem:
1. they block DNS over TCP
2. they should have configured zone 0-24.199.212.125.in-addr.arpa
although it's possible that viettelidc.com.vn asked vietel.com.vn to
delegate 199.212.125.in-addr.arpa.
and vietel.com.vn messed it up...
--
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
If Barbie is so popular, why do you have to buy her friends? _______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
unsubscribe from this list
ISC funds the development of this software with paid support
subscriptions. Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
my question is why would anyone do this, as this apparently does not mak=e
sense.
keOn 20 Aug 2020, at 00:41, Matus UHLAR - fantomas <uhlar@fantomas.sk>wrote:
On Wed, Aug 19, 2020 at 7:42 AM Matus UHLAR - fantomas
<uhlar@fantomas.sk> wrote:
again, why you query for 250.0-24.199.212.125.in-addr.arpa
under normal circumstances there's no point of querying that name.
On 19.08.20 10:05, tale via bind-users wrote:
Well yes and no. While an individual user would typically not,
resolvers sure will. While trying to resolve
250.199.212.125.in-addr.arpa, it will eventually get to
250.199.212.125.in-addr.arpa CNAME 250.0-24.199.212.125.in-addr.arpa.
my question is why would anyone do this, as this apparently does not ma=
4s thatsense.
Presumably because they don=E2=80=99t know that APNIC can delegate the /2=
make
up the /17 independently of each other.
someone (vietel) illogically delegated whole /24 subnet to brokenservers:
199.212.125.in-addr.arpa. 86400 IN NS dns2.vietel.com.vn. 199.212.125.in-addr.arpa. 86400 IN NS dns1.vietel.com.vn.
0.199.212.125.in-addr.arpa has address 125.235.4.59 1.199.212.125.in-addr.arpa is an alias for1.0-24.199.212.125.in-addr.arpa.
...255.0-24.199.212.125.in-addr.arpa.
255.199.212.125.in-addr.arpa is an alias for
Then it will need to resolve the canonical name, and a response like
the original one that was shown will be clearly buggy.
I say "possibly" because from my vantage, all three of
ns{,1,2}.viettelidc.com.vn, the authorities for
0-24.199.212.125.in-addr.arpa, are giving fine answers right now (on
udp; blocked on tcp). This includes the originally reported problem
IP, 115.84.177.8
--unsubscribe from this list
Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Fucking windows! Bring Bill Gates! (Southpark the movie) _______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
ISC funds the development of this software with paid supportsubscriptions. Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka@isc.org
_______________________________________________
Please visit https://lists.isc.org/mailman/listinfo/bind-users to
unsubscribe from this list
ISC funds the development of this software with paid support
subscriptions. Contact us at https://www.isc.org/contact/ for more information.
bind-users mailing list
bind-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/bind-users
my question is why would anyone do this, as this apparently does not make
sense.
Because when I was from a server that was querying the reverse record >250.199.212.125.in-addr.arpa it gave an error with the "SERVFAIL" error
code so I tried to query directly to the hosting that managed it to
determine the cause.
On Wed, Aug 19, 2020 at 7:42 AM Matus UHLAR - fantomas
<uhlar@fantomas.sk> wrote:
again, why you query for 250.0-24.199.212.125.in-addr.arpa
under normal circumstances there's no point of querying that name.
On 19.08.20 10:05, tale via bind-users wrote:
Well yes and no. While an individual user would typically not,
resolvers sure will. While trying to resolve
250.199.212.125.in-addr.arpa, it will eventually get to
250.199.212.125.in-addr.arpa CNAME 250.0-24.199.212.125.in-addr.arpa.
On 20 Aug 2020, at 00:41, Matus UHLAR - fantomas <uhlar@fantomas.sk>
wrote:
my question is why would anyone do this, as this apparently does not make >> > sense.
Vào Th 4, 19 thg 8, 2020 vào lúc 22:00 Mark Andrews <marka@isc.org> đã >viết:
Presumably because they don’t know that APNIC can delegate the /24s that >> make
up the /17 independently of each other.
Sysop: | DaiTengu |
---|---|
Location: | Appleton, WI |
Users: | 970 |
Nodes: | 10 (2 / 8) |
Uptime: | 105:32:15 |
Calls: | 12,740 |
Calls today: | 2 |
Files: | 186,574 |
Messages: | 3,171,695 |