[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[public-dns-discuss] Re: Inconsistent response for one specific A record



Still inconsistent, and not changing. Running 

for i in `seq 1 100`; do dig soa dnswl.org @8.8.8.8 +short; done | sort | uniq -c | sort -rn

from a server in Europe, the result shows three different SOAs, two of which are ancient (SOA serial 1902152303 and 1902152221, while 1903112142 would be correct - format is YYMMDDHHmm). 

Running the same from a server in Singapore and US west coast, it consistently only shows SOA serial 1903112142. 

So apparently one „European“ instance of 8.8.8.8 (and 8.8.4.4, no difference in result) has stale data.
-- 
Matthias Leisi
Katzenrütistrasse 68, 8153 Rümlang
Mobile +41 79 377 04 43
matthias AT leisi.net
Skype matthias.leisi


Am 15.03.2019 um 11:49 schrieb Matthias Leisi <matthias AT leisi.net>:

We are seeing an inconsistent response from 8.8.4.4 on „sa-update.dnswl.org“ (used in SpamAssassin update script). 

The A record was changed on March 11 to 116.203.4.105, and we flushed resolver cache at https://developers.google.com/speed/public-dns/cache on March 13. 

*Most* of the time, we receive the expected response:


# dig a sa-update.dnswl.org @8.8.4.4
(...)
;; ANSWER SECTION:
sa-update.dnswl.org.    21591   IN      A       116.203.4.105

But sometimes the response is unexpected:

# dig a sa-update.dnswl.org @8.8.4.4

; <<>> DiG 9.10.3-P4-Debian <<>> a sa-update.dnswl.org @8.8.4.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56063
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;sa-update.dnswl.org.           IN      A

;; ANSWER SECTION:
sa-update.dnswl.org.    18965   IN      A       78.47.167.123

;; Query time: 11 msec
;; SERVER: 8.8.4.4#53(8.8.4.4)
;; WHEN: Fri Mar 15 11:38:57 CET 2019
;; MSG SIZE  rcvd: 64

Also, we sometimes get the former SOA value (1902152221) instead of the current one (1903112142). Format of the SOA is YYMMDDHHmm, i.e. 2019 March 11 21:42. 

(Note the „YOU.ARE.BLOCKED“ in the SOA indicates that the list.dnswl.org zone can not be queried through public DNS servers, but this is not related to the sa-update.dnswl.org name.)

https://dns.google.com/query?name=sa-update.dnswl.org seems to always return the current value/SOA.

The domain is not DNSSEC-enabled.

The queries in the example here came from 94.130.169.93/2a01:4f8:c0c:4526::2 located in Germany, others come from an internal SpamAssassin machine located in France.

Any ideas how to further debug/diagnose?

Thanks,
— Matthias

-- 
Matthias Leisi
Katzenrütistrasse 68, 8153 Rümlang
Mobile +41 79 377 04 43
matthias AT leisi.net
Skype matthias.leisi



--
You received this message because you are subscribed to the Google Groups "public-dns-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to public-dns-discuss+unsubscribe AT googlegroups.com.
To post to this group, send email to public-dns-discuss AT googlegroups.com.
Visit this group at https://groups.google.com/group/public-dns-discuss.
To view this discussion on the web visit https://groups.google.com/d/msgid/public-dns-discuss/AF8244E5-7FAF-4F3F-AF8E-10AED0EDB2E9%40leisi.net.
For more options, visit https://groups.google.com/d/optout.

Attachment: smime.p7s
Description: S/MIME cryptographic signature