More information about the Underscore mailing list

[_] DNS resolving oddity

Craig Francis craig at craigfrancis.co.uk
Mon Nov 6 09:11:11 GMT 2017

Thanks for confirming Oliver,

I’m trying to help the company who (not surprisingly) had DNS issues last week, and the setup seems odd (the 20s TTL seems wrong to me as well).

This was just the first time I’ve seen a setup where you could get another Authority response when asking for an A record (i.e. after doing the NS lookups, and being told who should be the authority for that domain).

And I’m running OSX as well, so not sure why I was needing the +noedns flag.

Craig



> On 5 Nov 2017, at 10:59 pm, Oliver Humpage <oliver at watershed.co.uk> wrote:
> 
> 
>> On 5 Nov 2017, at 17:45, Craig Francis <craig at craigfrancis.co.uk> wrote:
>> 
>> We finally get the answer, but this seems a bit weird/broken to me... yet somehow it works (for all?).
> 
> I guess your concern is that a DNS server that should be authoritative for the domain isn’t returning an answer.
> 
> However, what it is returning (an Authority section) is exactly what both the root and .com DNS servers returned. Therefore the client will simply carry on following the chain and ask one of the servers in the authority section, which as you noted works fine (on OS X I didn’t need the +noedns flag).
> 
> So it’s slightly odd, but it’s all within spec. Of more concern is the 20s TTL, which is insanely low. Whatever you’re doing that requires that low a TTL, do it another way, cos that’s not really how DNS is meant to work :)
> 
> Oliver.
> 
> -- 
> underscore_ list info/archive -> http://www.under-score.org.uk/mailman/listinfo/underscore