Dns-operations

Popular Threads From Dns-operations:

Missing .us and GTLD records??

Online DNSSEC debugging tool now availalbe

.de DNS servers returning NXDOMAIN

The possible problems after May 5th

Uspto.gov

List Statistics

Total Threads: 386
Total Posts: 705

Phrases Used to Find This Thread

Page 1 of 1

19-05-2010 12:57 AM

Dns-operations member admin is online now

User

19-05-2010 01:04 AM

Dns-operations member admin is online now

User

19-05-2010 01:10 AM

Dns-operations member admin is online now

User

19-05-2010 02:38 AM

Dns-operations member admin is online now

User

19-05-2010 03:09 AM

Dns-operations member admin is online now

User

19-05-2010 04:57 AM

Dns-operations member admin is online now

User

19-05-2010 06:42 AM

Dns-operations member admin is online now

User

19-05-2010 07:03 AM

Dns-operations member admin is online now

User

19-05-2010 11:01 AM

Dns-operations member admin is online now

User

#10

19-05-2010 02:43 PM

Dns-operations member admin is online now

User

#11

19-05-2010 03:12 PM

Dns-operations member admin is online now

User

#12

19-05-2010 03:35 PM

Dns-operations member admin is online now

User

#13

19-05-2010 03:55 PM

Dns-operations member admin is online now

User

#14

19-05-2010 07:52 PM

Dns-operations member admin is online now

User

#15

19-05-2010 10:03 PM

Dns-operations member admin is online now

User

This is my first time posting, so please be gentle, this info has to do
with GTLD delegations, specific to ".us"

So after registering some '.us' domains, I was using 'dig +trace' to
verify the delegations got published on the GTLD servers.

Here is what I noticed, (you can repeat this, just pick any .us domain and
run repeated 'dig +trace' for it)

It looks like there are missing .us GTLD records??

Something tells me this is not normal.
======================================
;; Received 472 bytes from 192.228.79.201#53(b.root-servers.net) in 113 ms

dig: Couldn't find server 'j.gtld.biz': Name or service not known
======================================
;; Received 472 bytes from 192.33.4.12#53(c.root-servers.net) in 21 ms

dig: Couldn't find server 'j.cctld.us': Name or service not known
======================================
Sure enough,
You can confirm with plain old BIND, the "A" records do not exist, (just
the glue, but not the A), should not all 'Registered Name Servers' have
the 'A' records published, or am I totally wrong here.

======================================

;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35494
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;j.gtld.biz. IN A

;; AUTHORITY SECTION:
gtld.biz. 6869 IN SOA a.gtld.biz.
hostmaster.neustar.biz. 1109166320 10800 3600 1209600 43200

;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(localhost.)
;; WHEN: Tue May 18 17:05:42 2010
;; MSG SIZE rcvd: 85

===================================================

;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9408
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;j.cctld.us. IN A

;; AUTHORITY SECTION:
us. 559 IN SOA a.gtld.biz.
hostmaster.neustar.biz. 2004312556 900 900 604800 86400

;; Query time: 4 msec
;; SERVER: 127.0.0.1#53(localhost.)
;; WHEN: Tue May 18 17:05:53 2010
;; MSG SIZE rcvd: 93
====================================================

Thanks for your input.

Luis Uribarri
_______________________________________________
___________________________________________________

Posted on the Dns-operations mailing list. Go to https://lists.dns-oarc.net/mailman/listinfo/dns-operations to subscribe. > dig: Couldn't find server 'j.gtld.biz': Name or service not known
> ======================================
> ;; Received 472 bytes from 192.33.4.12#53(c.root-servers.net) in 21 ms
>
> dig: Couldn't find server 'j.cctld.us': Name or service not known
> ======================================
> Sure enough,
> You can confirm with plain old BIND, the "A" records do not exist, (just
> the glue, but not the A), should not all 'Registered Name Servers' have
> the 'A' records published, or am I totally wrong here.

You are using an older version of dig that assumes all servers have A
records. The above servers only have AAAA records, which is perfectly
valid.
--
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.
_______________________________________________
___________________________________________________

Posted on the Dns-operations mailing list. Go to https://lists.dns-oarc.net/mailman/listinfo/dns-operations to subscribe. Yup....

The are "AAAA" only...

$ nslookup -type=AAAA j.gtld.biz.
Server: 127.0.0.1
Address: 127.0.0.1#53

Non-authoritative answer:
j.gtld.biz has AAAA address 2001:503:a124:ffff:ffff:ffff:ffff:ff7e

$ nslookup -type=AAAA j.cctld.us.
Server: 127.0.0.1
Address: 127.0.0.1#53

Non-authoritative answer:
j.cctld.us has AAAA address 2001:503:a124:ffff:ffff:ffff:ffff:ff7e

(And they are they same address, interesting)

I need update my dig...

Thanks!!!

> Date: Tue, 18 May 2010 19:57:05 -0400
> Subject: [dns-operations] Missing .us and GTLD records??
>
>
> This is my first time posting, so please be gentle, this info has to do
> with GTLD delegations, specific to ".us"
>
> So after registering some '.us' domains, I was using 'dig +trace' to
> verify the delegations got published on the GTLD servers.
>
> Here is what I noticed, (you can repeat this, just pick any .us domain and
> run repeated 'dig +trace' for it)
>
> It looks like there are missing .us GTLD records??
>
> Something tells me this is not normal.
> ======================================
> ;; Received 472 bytes from 192.228.79.201#53(b.root-servers.net) in 113 ms
>
> dig: Couldn't find server 'j.gtld.biz': Name or service not known
> ======================================
> ;; Received 472 bytes from 192.33.4.12#53(c.root-servers.net) in 21 ms
>
> dig: Couldn't find server 'j.cctld.us': Name or service not known
> ======================================
> Sure enough,
> You can confirm with plain old BIND, the "A" records do not exist, (just
> the glue, but not the A), should not all 'Registered Name Servers' have
> the 'A' records published, or am I totally wrong here.
>
>
> ======================================
>
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 35494
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;j.gtld.biz. IN A
>
> ;; AUTHORITY SECTION:
> gtld.biz. 6869 IN SOA a.gtld.biz.
> hostmaster.neustar.biz. 1109166320 10800 3600 1209600 43200
>
> ;; Query time: 4 msec
> ;; SERVER: 127.0.0.1#53(localhost.)
> ;; WHEN: Tue May 18 17:05:42 2010
> ;; MSG SIZE rcvd: 85
>
> ===================================================
>
>
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 9408
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;j.cctld.us. IN A
>
> ;; AUTHORITY SECTION:
> us. 559 IN SOA a.gtld.biz.
> hostmaster.neustar.biz. 2004312556 900 900 604800 86400
>
> ;; Query time: 4 msec
> ;; SERVER: 127.0.0.1#53(localhost.)
> ;; WHEN: Tue May 18 17:05:53 2010
> ;; MSG SIZE rcvd: 93
> ====================================================
>
> Thanks for your input.
>
>
> Luis Uribarri
> _______________________________________________
___________________________________________________

Posted on the Dns-operations mailing list. Go to https://lists.dns-oarc.net/mailman/listinfo/dns-operations to subscribe. > > dig: Couldn't find server 'j.gtld.biz': Name or service not known
> > ======================================
> > ;; Received 472 bytes from 192.33.4.12#53(c.root-servers.net) in 21 ms
> >
> > dig: Couldn't find server 'j.cctld.us': Name or service not known
> > ======================================
> > Sure enough,
> > You can confirm with plain old BIND, the "A" records do not exist, (just
> > the glue, but not the A), should not all 'Registered Name Servers' have
> > the 'A' records published, or am I totally wrong here.
>
> You are using an older version of dig that assumes all servers have A
> records. The above servers only have AAAA records, which is perfectly
> valid.

Or the OS doesn't have IPv6 turned on. Time to turn on IPv6.

Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
_______________________________________________
___________________________________________________

Posted on the Dns-operations mailing list. Go to https://lists.dns-oarc.net/mailman/listinfo/dns-operations to subscribe. On Wed, 19 May 2010 11:38:41 +1000

>
> > > dig: Couldn't find server 'j.gtld.biz': Name or service not known
> > > ======================================
> > > ;; Received 472 bytes from 192.33.4.12#53(c.root-servers.net) in 21 ms
> > >
> > > dig: Couldn't find server 'j.cctld.us': Name or service not known
> > > ======================================
> > > Sure enough,
> > > You can confirm with plain old BIND, the "A" records do not exist, (just
> > > the glue, but not the A), should not all 'Registered Name Servers' have
> > > the 'A' records published, or am I totally wrong here.
> >
> > You are using an older version of dig that assumes all servers have A
> > records. The above servers only have AAAA records, which is perfectly
> > valid.
>
> Or the OS doesn't have IPv6 turned on. Time to turn on IPv6.

Then, when should we turn off IPv4 and remove A records ?

--
------------------------------------------------------------------------------
___________________________________________________

Posted on the Dns-operations mailing list. Go to https://lists.dns-oarc.net/mailman/listinfo/dns-operations to subscribe. > On Wed, 19 May 2010 11:38:41 +1000
>
> >
> > > > dig: Couldn't find server 'j.gtld.biz': Name or service not known
> > > > ======================================
> > > > ;; Received 472 bytes from 192.33.4.12#53(c.root-servers.net) in 21 ms
> > > >
> > > > dig: Couldn't find server 'j.cctld.us': Name or service not known
> > > > ======================================
> > > > Sure enough,
> > > > You can confirm with plain old BIND, the "A" records do not exist, (jus
> t
> > > > the glue, but not the A), should not all 'Registered Name Servers' have
>
> > > > the 'A' records published, or am I totally wrong here.
> > >
> > > You are using an older version of dig that assumes all servers have A
> > > records. The above servers only have AAAA records, which is perfectly
> > > valid.
> >
> > Or the OS doesn't have IPv6 turned on. Time to turn on IPv6.
>
> Then, when should we turn off IPv4 and remove A records ?

At this point *everyone* should be in the process of bringing up IPv6.
There are a few more years to go before we should be turning off IPv4.

Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
_______________________________________________
___________________________________________________

Posted on the Dns-operations mailing list. Go to https://lists.dns-oarc.net/mailman/listinfo/dns-operations to subscribe. On 05/18/10 20:57, Mark Andrews wrote:
>
>> On Wed, 19 May 2010 11:38:41 +1000
>>
>>>
>>>>> dig: Couldn't find server 'j.gtld.biz': Name or service not known
>>>>> ======================================
>>>>> ;; Received 472 bytes from 192.33.4.12#53(c.root-servers.net) in 21 ms
>>>>>
>>>>> dig: Couldn't find server 'j.cctld.us': Name or service not known
>>>>> ======================================
>>>>> Sure enough,
>>>>> You can confirm with plain old BIND, the "A" records do not exist, (jus
>> t
>>>>> the glue, but not the A), should not all 'Registered Name Servers' have
>>
>>>>> the 'A' records published, or am I totally wrong here.
>>>>
>>>> You are using an older version of dig that assumes all servers have A
>>>> records. The above servers only have AAAA records, which is perfectly
>>>> valid.
>>>
>>> Or the OS doesn't have IPv6 turned on. Time to turn on IPv6.
>>
>> Then, when should we turn off IPv4 and remove A records ?
>
> At this point *everyone* should be in the process of bringing up IPv6.
> There are a few more years to go before we should be turning off IPv4.

Moreover, "adopting IPv6" does not necessarily require "abating IPv4" at
the same time.

michael
_______________________________________________
___________________________________________________

Posted on the Dns-operations mailing list. Go to https://lists.dns-oarc.net/mailman/listinfo/dns-operations to subscribe. -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2010-05-19 12:42 AM, Michael Sinatra wrote:

> Moreover, "adopting IPv6" does not necessarily require "abating IPv4" at
> the same time.

Indeed.

One big difference though is that in the not to distant future, the
price of an IPv4 address may increase dramatically. That is what
happens when a resource runs out. We may start finding that the cost of
not using IPv6 will be higher than the cost of deploying it.

I also think people are seeing that it isn't going to be a pure world
for quite some time; IPv4 can't just be switched off, indeed may never
be so. However, for some, the reality of a IPv6 only service is
suddenly becoming more likely.

- --Michael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkvzfxoACgkQ+NNi0s9NRJ0OPgCfVE3JBis49BnooSc9wJEs7+9R
dd4AoIt1zLDx6dlGZ88JGKvtpBBTWxaS
=md1h
-----END PGP SIGNATURE-----
_______________________________________________
___________________________________________________

Posted on the Dns-operations mailing list. Go to https://lists.dns-oarc.net/mailman/listinfo/dns-operations to subscribe. On Wed, May 19, 2010 at 11:38:41AM +1000, Mark Andrews wrote:
>
> > > dig: Couldn't find server 'j.gtld.biz': Name or service not known
> > > ======================================
> > > ;; Received 472 bytes from 192.33.4.12#53(c.root-servers.net) in 21 ms
> > >
> > > dig: Couldn't find server 'j.cctld.us': Name or service not known
> > > ======================================
> > > Sure enough,
> > > You can confirm with plain old BIND, the "A" records do not exist, (just
> > > the glue, but not the A), should not all 'Registered Name Servers' have
> > > the 'A' records published, or am I totally wrong here.
> >
> > You are using an older version of dig that assumes all servers have A
> > records. The above servers only have AAAA records, which is perfectly
> > valid.
>
> Or the OS doesn't have IPv6 turned on. Time to turn on IPv6.
>
> Mark
> --
> Mark Andrews, ISC

v6 transport has nothing to do w/ the contents of
the datagram. He asked for "A" records (thats what the
tool -assumes-, and when none were found, it told him
so...

--bill
_______________________________________________
___________________________________________________

Posted on the Dns-operations mailing list. Go to https://lists.dns-oarc.net/mailman/listinfo/dns-operations to subscribe. oshi.com writes:
> On Wed, May 19, 2010 at 11:38:41AM +1000, Mark Andrews wrote:
> >
> > > > dig: Couldn't find server 'j.gtld.biz': Name or service not known
> > > > ======================================
> > > > ;; Received 472 bytes from 192.33.4.12#53(c.root-servers.net) in 21 ms
> > > >
> > > > dig: Couldn't find server 'j.cctld.us': Name or service not known
> > > > ======================================
> > > > Sure enough,
> > > > You can confirm with plain old BIND, the "A" records do not exist, (jus
> t
> > > > the glue, but not the A), should not all 'Registered Name Servers' have
>
> > > > the 'A' records published, or am I totally wrong here.
> > >
> > > You are using an older version of dig that assumes all servers have A
> > > records. The above servers only have AAAA records, which is perfectly
> > > valid.
> >
> > Or the OS doesn't have IPv6 turned on. Time to turn on IPv6.
> >
> > Mark
> > --
> > Mark Andrews, ISC
>
> v6 transport has nothing to do w/ the contents of
> the datagram. He asked for "A" records (thats what the
> tool -assumes-, and when none were found, it told him
> so...

Bill, the message "Couldn't find server 'j.gtld.biz': Name or service
not known" is sensitive the to query transport. If he had had working
IPv6 support the original lookups would have succeeded (assuming the
server was up).

Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
_______________________________________________
___________________________________________________

Posted on the Dns-operations mailing list. Go to https://lists.dns-oarc.net/mailman/listinfo/dns-operations to subscribe. > Date: Wed, 19 May 2010 01:03:07 -0500
> ...
> I also think people are seeing that it isn't going to be a pure world
> for quite some time; IPv4 can't just be switched off, indeed may never
> be so. However, for some, the reality of a IPv6 only service is
> suddenly becoming more likely.

that's more or less what we said about PDP11 compatibility mode in the VAX,
and about 8086 compatibility mode in the 80386. yet, here we all are. i think
that once things start to change they will change pretty quickly. and i've
still got some 2.5MByte "Hawk" disk packs i'd like to read if anybody's got
an old CDC drive and some kind of interface to it.
_______________________________________________
___________________________________________________

Posted on the Dns-operations mailing list. Go to https://lists.dns-oarc.net/mailman/listinfo/dns-operations to subscribe. :
>
> On 2010-05-18, at 23:57, Mark Andrews wrote:
>
> > There are a few more years to go before we should be turning off IPv4.
>
> I would estimate twenty years. But then I'm optimistic.
>
> Joe

My bet is that in << 10 you will be able to effectively turn off IPv4
for the client side but people will still be too scared to turn it off
on the server side until well after 10 years have gone my.

Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
_______________________________________________
___________________________________________________

Posted on the Dns-operations mailing list. Go to https://lists.dns-oarc.net/mailman/listinfo/dns-operations to subscribe. On 19 May 2010, at 16:12, Paul Vixie wrote:

>> Date: Wed, 19 May 2010 01:03:07 -0500
>> ...
>> I also think people are seeing that it isn't going to be a pure world
>> for quite some time; IPv4 can't just be switched off, indeed may never
>> be so. However, for some, the reality of a IPv6 only service is
>> suddenly becoming more likely.
>
> that's more or less what we said about PDP11 compatibility mode in the VAX,
> and about 8086 compatibility mode in the 80386. yet, here we all are. i think
> that once things start to change they will change pretty quickly. and i've
> still got some 2.5MByte "Hawk" disk packs i'd like to read if anybody's got
> an old CDC drive and some kind of interface to it.

try them: http://news.yahoo.com/s/nm/20100519/lf_nm_life/us_technology_digital_genome_2

_______________________________________________
___________________________________________________

Posted on the Dns-operations mailing list. Go to https://lists.dns-oarc.net/mailman/listinfo/dns-operations to subscribe. This is sort of like the chicken vs. the egg thing.

My cruddy little DSL line does not have IPv6 transport, and it probably
will not have IPv6 transport for many many years, (if at all).

So I have to just live with the fact that my DNS resolver will never be
able to reach 'j.gtld.biz' & 'j.cctld.us'.

Although, if those servers had both IPv4 and IPv6 adresses, I could
reach them via IPv4 and still resolve IPv6 addresses.

Personally, I think that DNS "Authoritative Servers" should be the last
things that go IPv6 only, specifically becasue of the transport issues,
but I guess the TLD operators sees it differently.

On Wed, 19 May 2010, Paul Vixie wrote:

>> Date: Wed, 19 May 2010 01:03:07 -0500
>> ...
>> I also think people are seeing that it isn't going to be a pure world
>> for quite some time; IPv4 can't just be switched off, indeed may never
>> be so. However, for some, the reality of a IPv6 only service is
>> suddenly becoming more likely.
>
> that's more or less what we said about PDP11 compatibility mode in the VAX,
> and about 8086 compatibility mode in the 80386. yet, here we all are. i think
> that once things start to change they will change pretty quickly. and i've
> still got some 2.5MByte "Hawk" disk packs i'd like to read if anybody's got
> an old CDC drive and some kind of interface to it.
> _______________________________________________
___________________________________________________

Posted on the Dns-operations mailing list. Go to https://lists.dns-oarc.net/mailman/listinfo/dns-operations to subscribe. Now I'm a bit confused, if "J" was also a member of an IPv4 anycast cloud,
why not publish it? And if that can't be done, just ****h the same IPv4
as one of the other working letters.

I know it will be a very very long time before I (and the majority of
the internet) can talk IPv6 natively. Is our punishment for that to be cut
off from "J".

I can update all my tools, but that is still not going to get me to be
able to talk to "J".

Seams like it could be fixed, but I would say that my resolver not being
able to talk to "2 out of 9" of the auth servers for the TLD is
a nice side effect.

On Wed, 19 May 2010, Edward Lewis wrote:

> At 14:52 -0400 5/19/10, Luis Uribarri wrote:
>
> Speaking as the operator of dotUS...
>
>> Personally, I think that DNS "Authoritative Servers" should be the last
>> things that go IPv6 only, specifically becasue of the transport issues,
>> but I guess the TLD operators sees it differently.
>
> The choice we had for "J" was to give it an IPv6 address or none at all. It
> was simply an opportunity to add one more machine that could answer on the
> IPv6 network (or to that fragment that could reach it). For those that care,
> the host assigned the "J" AAAA record was also a member of an IPv4 anycast
> cloud and just happened to have native IPv6 transit available.
>
> We are not taking a position on IPv4 vs. IPv6. We want to offer services on
> both transports. We are not in the business of promoting one or the other.
> OTOH, it happens that our IPv6-only server has raised awareness of some to
> update their tools. That is a nice side effect, but hardly our intention.
>
> --
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> Edward Lewis
> NeuStar You can leave a voice message at +1-571-434-5468
>
> Discussing IPv4 address policy is like deciding what to eat on the Titanic.
> _______________________________________________
___________________________________________________

Posted on the Dns-operations mailing list. Go to https://lists.dns-oarc.net/mailman/listinfo/dns-operations to subscribe.

#16

19-05-2010 10:27 PM

Dns-operations member admin is online now

User

#17

19-05-2010 10:40 PM

Dns-operations member admin is online now

User

#18

19-05-2010 10:54 PM

Dns-operations member admin is online now

User

#19

19-05-2010 11:07 PM

Dns-operations member admin is online now

User

#20

19-05-2010 11:15 PM

Dns-operations member admin is online now

User

Page 1 of 1

NewsArc Lists | Culture Pages | Computing Archive | Media-Pages

Link to this page on your blog or website by copying the HTML code below and pasting it into your site:

Next Thread »