[HamWAN PSDR] Resolving DNS when there's no root servers
Dean Gibson AE7Q
hamwan at ae7q.com
Thu Apr 10 22:21:51 PDT 2014
Two days ago I obtained domain 44rf.net, for the sole purpose of
supporting amateurs on 44.x.x.x which need more *subdomain* support than
ampr.org provides (ie, *none*; Brian Kantor will not allow NS records in
ampr.org). It's trivial to allow subdomains of 44rf.net which users can
*self-manage*, without screwing up the parent domain (volunteers/testers
welcome). And, with the use of stub zones, I support (present tense)
referrals to ampr.org, hamwan.net, and other domains in a situation
where the root servers are not available. Eg:
>dig @ns1.ae7q.ampr.org db0bi.ampr.org
; <<>> DiG 9.2.4 <<>> @ns1.ae7q.ampr.org db0bi.ampr.org
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55750
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 7, ADDITIONAL: 10
;; QUESTION SECTION:
;db0bi.ampr.org. IN A
;; ANSWER SECTION:
db0bi.ampr.org. 3568 IN A 44.225.61.14
;; AUTHORITY SECTION:
ampr.org. 3568 IN NS hamradio.ucsd.edu.
ampr.org. 3568 IN NS ns0.comgw.net.
ampr.org. 3568 IN NS ns1.defaultroute.net.
ampr.org. 3568 IN NS ns2.threshinc.com.
ampr.org. 3568 IN NS ampr.org.
ampr.org. 3568 IN NS munnari.OZ.AU.
ampr.org. 3568 IN NS ampr-dns.in-berlin.de.
;; ADDITIONAL SECTION:
ns1.defaultroute.net. 172764 IN A 74.120.14.69
ns2.threshinc.com. 3564 IN A 192.41.222.8
ns2.threshinc.com. 172764 IN AAAA 2604:5000:0:2::2
ampr.org. 3568 IN A 44.0.0.1
munnari.OZ.AU. 14365 IN A 202.29.151.3
munnari.OZ.AU. 86364 IN AAAA 2001:3c8:9007:1::21
munnari.OZ.AU. 86364 IN AAAA 2001:3c8:9009:181::2
ampr-dns.in-berlin.de. 864 IN A 192.109.42.4
ampr-dns.in-berlin.de. 864 IN AAAA 2a01:238:4073:e600::1
hamradio.ucsd.edu. 43164 IN A 169.228.66.6
;; Query time: 253 msec
;; SERVER: 44.24.240.173#53(44.24.240.173)
;; WHEN: Thu Apr 10 20:10:06 2014
;; MSG SIZE rcvd: 452
>dig @ns1.ae7q.ampr.org a.ns.hamwan.net
; <<>> DiG 9.2.4 <<>> @ns1.ae7q.ampr.org a.ns.hamwan.net
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46457
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; QUESTION SECTION:
;a.ns.hamwan.net. IN A
;; ANSWER SECTION:
a.ns.hamwan.net. 3600 IN A 44.24.244.2
;; AUTHORITY SECTION:
hamwan.net. 172800 IN NS a.ns.hamwan.net.
hamwan.net. 172800 IN NS b.ns.hamwan.net.
;; Query time: 499 msec
;; SERVER: 44.24.240.173#53(44.24.240.173)
;; WHEN: Thu Apr 10 20:31:47 2014
;; MSG SIZE rcvd: 79
However, notice what happens when I access a domain for which I do *not*
have a stub zone declaration:
>dig @ns1.ae7q.ampr.org www.hamwan.org
; <<>> DiG 9.2.4 <<>> @ns1.ae7q.ampr.org www.hamwan.org
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24283
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 0
;; QUESTION SECTION:
;www.hamwan.org. IN A
;; AUTHORITY SECTION:
. 518400 IN NS I.ROOT-SERVERS.NET.
. 518400 IN NS J.ROOT-SERVERS.NET.
. 518400 IN NS K.ROOT-SERVERS.NET.
. 518400 IN NS L.ROOT-SERVERS.NET.
. 518400 IN NS M.ROOT-SERVERS.NET.
. 518400 IN NS A.ROOT-SERVERS.NET.
. 518400 IN NS B.ROOT-SERVERS.NET.
. 518400 IN NS C.ROOT-SERVERS.NET.
. 518400 IN NS D.ROOT-SERVERS.NET.
. 518400 IN NS E.ROOT-SERVERS.NET.
. 518400 IN NS F.ROOT-SERVERS.NET.
. 518400 IN NS G.ROOT-SERVERS.NET.
. 518400 IN NS H.ROOT-SERVERS.NET.
;; Query time: 258 msec
;; SERVER: 44.24.240.173#53(44.24.240.173)
;; WHEN: Thu Apr 10 22:11:09 2014
;; MSG SIZE rcvd: 243
That is, ns1.ae7q.ampr.org does not function as a general-purpose
recursive DNS server.
Now, if someone else is already doing this ... let me know.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.hamwan.net/pipermail/psdr/attachments/20140410/3ddc1564/attachment.html>
More information about the PSDR
mailing list