DNS Anomalies?

General discussion about web technology.
Post Reply
barbaz
Senior Member
Posts: 9145
Joined: Sat Aug 03, 2013 5:45 pm

DNS Anomalies?

Post by barbaz » Fri Apr 15, 2016 1:20 am

I have undefined, null, & none all defined in the HOSTS file as 0.0.0.0, and dnsmasq (configured with 'domain-needed' option) is reading the HOSTS file and supposed to be returning DNS queries from it... however:

Code: Select all

$ dig null

; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> null
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6247
;; flags: qr rd ra; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 25

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;.                              IN      NS

;; ANSWER SECTION:
.                       483436  IN      NS      l.root-servers.net.
.                       483436  IN      NS      j.root-servers.net.
.                       483436  IN      NS      i.root-servers.net.
.                       483436  IN      NS      g.root-servers.net.
.                       483436  IN      NS      k.root-servers.net.
.                       483436  IN      NS      e.root-servers.net.
.                       483436  IN      NS      f.root-servers.net.
.                       483436  IN      NS      d.root-servers.net.
.                       483436  IN      NS      c.root-servers.net.
.                       483436  IN      NS      a.root-servers.net.
.                       483436  IN      NS      b.root-servers.net.
.                       483436  IN      NS      m.root-servers.net.
.                       483436  IN      NS      h.root-servers.net.

;; ADDITIONAL SECTION:
a.root-servers.net.     310638  IN      A       198.41.0.4
a.root-servers.net.     310638  IN      AAAA    2001:503:ba3e::2:30
b.root-servers.net.     310640  IN      A       192.228.79.201
b.root-servers.net.     319957  IN      AAAA    2001:500:84::b
m.root-servers.net.     310638  IN      A       202.12.27.33
m.root-servers.net.     310719  IN      AAAA    2001:dc3::35
h.root-servers.net.     310636  IN      A       198.97.190.53
h.root-servers.net.     310771  IN      AAAA    2001:500:1::53
l.root-servers.net.     310653  IN      A       199.7.83.42
l.root-servers.net.     310997  IN      AAAA    2001:500:9f::42
j.root-servers.net.     310640  IN      A       192.58.128.30
j.root-servers.net.     320978  IN      AAAA    2001:503:c27::2:30
i.root-servers.net.     310845  IN      A       192.36.148.17
i.root-servers.net.     382234  IN      AAAA    2001:7fe::53
g.root-servers.net.     310640  IN      A       192.112.36.4
k.root-servers.net.     310651  IN      A       193.0.14.129
k.root-servers.net.     314617  IN      AAAA    2001:7fd::1
e.root-servers.net.     310941  IN      A       192.203.230.10
f.root-servers.net.     310924  IN      A       192.5.5.241
f.root-servers.net.     311220  IN      AAAA    2001:500:2f::f
d.root-servers.net.     310653  IN      A       199.7.91.13
d.root-servers.net.     310859  IN      AAAA    2001:500:2d::d
c.root-servers.net.     310761  IN      A       192.33.4.12
c.root-servers.net.     310809  IN      AAAA    2001:500:2::c

;; Query time: 43 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: xxxxxxxxxxxxxxxxxxxxxxx
;; MSG SIZE  rcvd: 755



Code: Select all

$ dig none

; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> none
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 33712
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;.                              NONE    NS

;; Query time: 51 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: xxxxxxxxxxxxxxxxxxx
;; MSG SIZE  rcvd: 17



Why this weird results?

For reference, this one works as expected:

Code: Select all

$ dig undefined

; <<>> DiG 9.9.5-3ubuntu0.8-Ubuntu <<>> undefined
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46884
;; flags: qr aa rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;undefined.                     IN      A

;; ANSWER SECTION:
undefined.              0       IN      A       0.0.0.0

;; Query time: 0 msec
;; SERVER: 127.0.1.1#53(127.0.1.1)
;; WHEN: xxxxxxxxxxxxxxxxxxx
;; MSG SIZE  rcvd: 43

*Always* check the changelogs BEFORE updating that important software!
-

morganism
Senior Member
Posts: 116
Joined: Tue Nov 26, 2013 9:44 pm

Re: DNS Anomalies?

Post by morganism » Sat Apr 23, 2016 1:05 am

I had some weird changes to DNS when Phoenix/CenturyLink feed started routing thru the NSA facility at Bluffdale, UT. around Thanksgiving last year,

Looks like your time has come...
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20130410 Firefox/23.0

barbaz
Senior Member
Posts: 9145
Joined: Sat Aug 03, 2013 5:45 pm

Re: DNS Anomalies?

Post by barbaz » Sat Apr 23, 2016 12:18 pm

What? No, this is about why dnsmasq isn't answering those queries from the HOSTS file, or why dig isn't properly passing those queries to dnsmasq. All the weirdness is local; pretty obvious that this stuff would get either NXDOMAIN or odd answers from an upstream server, regardless of where my DNS is routed through.

I don't think there is any "change", just that I never tried any of this until now.
*Always* check the changelogs BEFORE updating that important software!
-

Post Reply