[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[public-dns-discuss] Re: Inconsistent response for one specific A record

Still inconsistent, and not changing. Running 

for i in `seq 1 100`; do dig soa dnswl.org @ +short; done | sort | uniq -c | sort -rn

from a server in Europe, the result shows three different SOAs, two of which are ancient (SOA serial 1902152303 and 1902152221, while 1903112142 would be correct - format is YYMMDDHHmm). 

Running the same from a server in Singapore and US west coast, it consistently only shows SOA serial 1903112142. 

So apparently one „European“ instance of (and, no difference in result) has stale data.
Matthias Leisi
Katzenrütistrasse 68, 8153 Rümlang
Mobile +41 79 377 04 43
matthias AT leisi.net
Skype matthias.leisi

Am 15.03.2019 um 11:49 schrieb Matthias Leisi <matthias AT leisi.net>:

We are seeing an inconsistent response from on „sa-update.dnswl.org“ (used in SpamAssassin update script). 

The A record was changed on March 11 to, and we flushed resolver cache at https://developers.google.com/speed/public-dns/cache on March 13. 

*Most* of the time, we receive the expected response:

# dig a sa-update.dnswl.org @
sa-update.dnswl.org.    21591   IN      A

But sometimes the response is unexpected:

# dig a sa-update.dnswl.org @

; <<>> DiG 9.10.3-P4-Debian <<>> a sa-update.dnswl.org @
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56063
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 512
;sa-update.dnswl.org.           IN      A

sa-update.dnswl.org.    18965   IN      A

;; Query time: 11 msec
;; WHEN: Fri Mar 15 11:38:57 CET 2019
;; MSG SIZE  rcvd: 64

Also, we sometimes get the former SOA value (1902152221) instead of the current one (1903112142). Format of the SOA is YYMMDDHHmm, i.e. 2019 March 11 21:42. 

(Note the „YOU.ARE.BLOCKED“ in the SOA indicates that the list.dnswl.org zone can not be queried through public DNS servers, but this is not related to the sa-update.dnswl.org name.)

https://dns.google.com/query?name=sa-update.dnswl.org seems to always return the current value/SOA.

The domain is not DNSSEC-enabled.

The queries in the example here came from located in Germany, others come from an internal SpamAssassin machine located in France.

Any ideas how to further debug/diagnose?

— Matthias

Matthias Leisi
Katzenrütistrasse 68, 8153 Rümlang
Mobile +41 79 377 04 43
matthias AT leisi.net
Skype matthias.leisi

You received this message because you are subscribed to the Google Groups "public-dns-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to public-dns-discuss+unsubscribe AT googlegroups.com.
To post to this group, send email to public-dns-discuss AT googlegroups.com.
Visit this group at https://groups.google.com/group/public-dns-discuss.
To view this discussion on the web visit https://groups.google.com/d/msgid/public-dns-discuss/AF8244E5-7FAF-4F3F-AF8E-10AED0EDB2E9%40leisi.net.
For more options, visit https://groups.google.com/d/optout.

Attachment: smime.p7s
Description: S/MIME cryptographic signature