[nsp] resolving ftp.cisco.com

ARIGA Seiji ariga at os.rim.or.jp
Tue Jul 15 02:15:54 EDT 2003 

> 	Anyone else having problems resolving ftp.cisco.com?

----
>host -d -t ns cisco.com.
(snip)
cisco.com.              1d17h4m52s IN NS  ns2.cisco.com.
cisco.com.              1d17h4m52s IN NS  ns1.cisco.com.
ns2.cisco.com.          1d23h55m21s IN A  192.135.250.69
ns1.cisco.com.          1d21h31m23s IN A  128.107.241.185
----

----
>host -d -t a ftp.cisco.com. 192.135.250.69
(snip)
ftp.cisco.com.          1m12s IN A      64.102.255.95
ftp.cisco.com.          1D IN NS        sjce-dirty-ddir.cisco.com.
sjce-dirty-ddir.cisco.com.  1D IN A  172.17.153.22
sjce-dirty-ddir.cisco.com.  1D IN A  128.107.240.86
rcode = 0 (Success), ancount=1
ftp.cisco.com has address 64.102.255.95
----

no problem so far. but,

----
>host -d -t aaaa ftp.cisco.com. 192.135.250.69
Using domain server 192.135.250.69:

;; res_nmkquery(QUERY, ftp.cisco.com, IN, AAAA)
;; res_send()
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28852
;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;;      ftp.cisco.com, type = AAAA, class = IN
;; Querying server (# 1) address = 192.135.250.69
;; new DG socket
server rejected query:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 28852
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;;      ftp.cisco.com, type = AAAA, class = IN
;; Querying server (# 1) address = 192.135.250.69
;; new DG socket
server rejected query:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 28852
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;;      ftp.cisco.com, type = AAAA, class = IN
res_nsend failed
Host not found, try again.
----

the correct answer for the host which doesn't have AAAA RR is 'no
error with no data' (*1). so if you use IPv6 enabled FTP client and
BIND8 for your resolving server, you may get into trouble.

# BIND9 will act differently, IIRC.

// ARIGA Seiji



(*1)

example.

>host -d -t aaaa puck.nether.net 169.207.2.72
Using domain server 169.207.2.72:

;; res_nmkquery(QUERY, puck.nether.net, IN, AAAA)
;; res_send()
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22963
;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;;      puck.nether.net, type = AAAA, class = IN
;; Querying server (# 1) address = 169.207.2.72
;; new DG socket
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22963
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;;      puck.nether.net, type = AAAA, class = IN
nether.net.             1D IN SOA       puck.nether.net. jared.puck.nether.net. (
                                        2003070501      ; serial
                                        8H              ; refresh
                                        4H              ; retry
                                        4W              ; expiry
                                        1D )            ; minimum

rcode = 0 (Success), ancount=0

More information about the cisco-nsp mailing list