Home page logo
/

nanog logo nanog mailing list archives

Re: Lame RFC1918 delegations
From: bmanning () ISI EDU
Date: Fri, 3 Apr 1998 11:36:10 -0800 (PST)


The primary for these zones moved to a dedicated server (blackhole.isi.edu)
in early february 1998.  Due to an unfortunate confluence of events, 
this week we identified several points of misconfiguration in both
zone files and system configuration files.  Talking with the sysadmin
this morning leads me to believe that the system is working properly.

26% dig -x 172.16 any @blackhole.isi.edu

; <<>> DiG 2.0 <<>> -x any @blackhole.isi.edu 
;; ->>HEADER<<- opcode: QUERY , status: NOERROR, id: 12
;; flags: qr rd ra ; Ques: 1, Ans: 2, Auth: 2, Addit: 2
;; QUESTIONS: 
;;      16.172.in-addr.arpa, type = ANY, class = IN

;; ANSWERS:
16.172.in-addr.arpa.    490877  NS      NS2.INTERNIC.NET.
16.172.in-addr.arpa.    490877  NS      BLACKHOLE.ISI.EDU.

;; AUTHORITY RECORDS:
16.172.in-addr.arpa.    490877  NS      NS2.INTERNIC.NET.
16.172.in-addr.arpa.    490877  NS      BLACKHOLE.ISI.EDU.

;; ADDITIONAL RECORDS:
NS2.INTERNIC.NET.       84712   A       198.41.0.11
BLACKHOLE.ISI.EDU.      41512   A       128.9.64.26

;; Sent 3 pkts, answer found in time: 401 msec 
;; FROM: zed.isi.edu to SERVER: blackhole.isi.edu  128.9.64.26
;; WHEN: Fri Apr  3 11:35:07 1998
;; MSG SIZE  sent: 37  rcvd: 158



Several people have forwarded to me a message you sent to NANOG saying that
the problem with the RFC 1918 delegations was fixed yesterday.  As far as I
can tell, this is not true.  I'm still seeing lame responses from both
blackhole.isi.edu and ns2.internic.net (which replaced rs0.internic.net in
the delegations yesterday).

Also, we have a system here configured as a secondary server for the RFC
1918 domains, so that we can point customer firewalls to it for their zone
transfers (this way, if the original primary moves, we only have to update
one system, not all the firewalls).  It used to use ns.isi.edu as its
primary, but that stopped working on 3/25.  Is there a machine that can be
used instead?

tools:~#58% whois 172.16
IANA (IANA-BBLK-RESERVED)
   Internet Assigned Numbers Authority
   Information Sciences Institute
   University of Southern California
   4676 Admiralty Way, Suite 1001
   Marina del Rey, CA 90292-6695

   Netname: IANA-BBLK-RESERVED
   Netblock: 172.16.0.0 - 172.31.0.0

   Coordinator:
      Internet Assigned Numbers Authority  (IANA-ARIN)  iana () iana org
      (310) 822-1511

   Domain System inverse mapping provided by:

   BLACKHOLE.ISI.EDU          128.9.64.26
   NS2.INTERNIC.NET           198.41.0.11

tools:~#61% dig -x 172.16 any @blackhole.isi.edu

; <<>> DiG 2.1 <<>> -x any @blackhole.isi.edu 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
;; flags: qr rd ra; Ques: 1, Ans: 2, Auth: 2, Addit: 2
;; QUESTIONS:
;;    16.172.in-addr.arpa, type = ANY, class = IN

;; ANSWERS:
16.172.in-addr.arpa.  295906  NS      RS0.INTERNIC.NET.
16.172.in-addr.arpa.  295906  NS      BLACKHOLE.ISI.EDU.

;; AUTHORITY RECORDS:
16.172.in-addr.arpa.  295906  NS      RS0.INTERNIC.NET.
16.172.in-addr.arpa.  295906  NS      BLACKHOLE.ISI.EDU.

;; ADDITIONAL RECORDS:
RS0.INTERNIC.NET.     43877   A       198.41.0.5
BLACKHOLE.ISI.EDU.    25946   A       128.9.64.26

;; Total query time: 427 msec
;; FROM: tools.bbnplanet.com to SERVER: blackhole.isi.edu  128.9.64.26
;; WHEN: Fri Apr  3 09:39:09 1998
;; MSG SIZE  sent: 37  rcvd: 158

tools:~#63% dig -x 172.16 any @ns2.internic.net

; <<>> DiG 2.1 <<>> -x any @ns2.internic.net 
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10
;; flags: qr rd; Ques: 1, Ans: 4, Auth: 0, Addit: 2
;; QUESTIONS:
;;    16.172.in-addr.arpa, type = ANY, class = IN

;; ANSWERS:
16.172.in-addr.arpa.  86400   NS      NS.ISI.EDU.
16.172.in-addr.arpa.  86400   NS      rs0.internic.net.
16.172.in-addr.arpa.  86400   NS      ORB.ISI.EDU.
16.172.in-addr.arpa.  86400   SOA     NS.ISI.EDU. bmanning.zed.ISI.EDU. (
                      19941005        ; serial
                      10800   ; refresh (3 hours)
                      900     ; retry (15 mins)
                      604800  ; expire (7 days)
                      86400 ) ; minimum (1 day)

;; ADDITIONAL RECORDS:
NS.ISI.EDU.   172800  A       128.9.128.127
rs0.internic.net.     172800  A       198.41.0.5

;; Total query time: 60 msec
;; FROM: tools.bbnplanet.com to SERVER: ns2.internic.net  198.41.0.11
;; WHEN: Fri Apr  3 09:39:27 1998
;; MSG SIZE  sent: 37  rcvd: 190



-- 
Barry Margolin, barmar () bbnplanet com
GTE Internetworking, Powered by BBN, Cambridge, MA



-- 
--bill


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault