== TLD/net/gtld-servers.net/new == old :[[TLD/net/gtld-servers.net]] changed in 2016-01-13. Ask whois.-- ToshinoriMaeno <>  作業は1月7日か Now -- ToshinoriMaeno <> http://zone.vision/#/gtld-servers.net == gtld-servers.net NS == *.gtld-servers.netにnetゾーンを問い合わせる。 まずはNSを確認してみると、 {{{ $ dnsq ns net k.gtld-servers.net 2 net: 506 bytes, 1+13+0+12 records, response, authoritative, noerror query: 2 net answer: net 172800 NS j.gtld-servers.net answer: net 172800 NS l.gtld-servers.net answer: net 172800 NS b.gtld-servers.net answer: net 172800 NS h.gtld-servers.net answer: net 172800 NS f.gtld-servers.net answer: net 172800 NS k.gtld-servers.net answer: net 172800 NS c.gtld-servers.net answer: net 172800 NS i.gtld-servers.net answer: net 172800 NS e.gtld-servers.net answer: net 172800 NS a.gtld-servers.net answer: net 172800 NS m.gtld-servers.net answer: net 172800 NS d.gtld-servers.net answer: net 172800 NS g.gtld-servers.net additional: j.gtld-servers.net 172800 A 192.48.79.30 additional: j.gtld-servers.net 172800 28 \040\001\005\002p\224\000\000\000\000\000\000\000\000\0000 additional: l.gtld-servers.net 172800 A 192.41.162.30 additional: l.gtld-servers.net 172800 28 \040\001\005\000\3317\000\000\000\000\000\000\000\000\0000 additional: b.gtld-servers.net 172800 A 192.33.14.30 additional: b.gtld-servers.net 172800 28 \040\001\005\003#\035\000\000\000\000\000\000\000\002\0000 additional: h.gtld-servers.net 172800 A 192.54.112.30 additional: h.gtld-servers.net 172800 28 \040\001\005\002\010\314\000\000\000\000\000\000\000\000\0000 additional: f.gtld-servers.net 172800 A 192.35.51.30 additional: f.gtld-servers.net 172800 28 \040\001\005\003\324\024\000\000\000\000\000\000\000\000\0000 additional: k.gtld-servers.net 172800 A 192.52.178.30 additional: k.gtld-servers.net 172800 28 \040\001\005\003\015-\000\000\000\000\000\000\000\000\0000 }}} でも、ここのadditionalも受け入れないで、Aを問い合わせると、*.nstld.comに聞けとの返事が返る。 {{{ $ dnsq a a.gtld-servers.net k.gtld-servers.net 1 a.gtld-servers.net: 293 bytes, 1+0+4+8 records, response, noerror query: 1 a.gtld-servers.net authority: gtld-servers.net 172800 NS av1.nstld.com authority: gtld-servers.net 172800 NS av2.nstld.com authority: gtld-servers.net 172800 NS av3.nstld.com authority: gtld-servers.net 172800 NS av4.nstld.com additional: av1.nstld.com 172800 A 192.42.177.30 additional: av1.nstld.com 172800 28 \040\001\005\000\001$\000\000\000\000\000\000\000\000\0000 additional: av2.nstld.com 172800 A 192.42.178.30 additional: av2.nstld.com 172800 28 \040\001\005\000\001%\000\000\000\000\000\000\000\000\0000 additional: av3.nstld.com 172800 A 192.82.133.30 additional: av3.nstld.com 172800 28 \040\001\005\000\001&\000\000\000\000\000\000\000\000\0000 additional: av4.nstld.com 172800 A 192.82.134.30 additional: av4.nstld.com 172800 28 \040\001\005\000\001'\000\000\000\000\000\000\000\000\0000 }}} このadditionalは捨てるべきもの。 == gtld-servers.net のAを問い合わせる先は? == nstld.com下のホスト! [[TLD/com]] %dnsq soa gtld-servers.net 192.42.177.30 {{{ 6 gtld-servers.net: 170 bytes, 1+1+4+0 records, response, authoritative, noerror query: 6 gtld-servers.net answer: gtld-servers.net 86400 SOA av4.nstld.com nstld.verisign-grs.com 2016010700 3600 900 1209600 86400 authority: gtld-servers.net 86400 NS av4.nstld.com authority: gtld-servers.net 86400 NS av1.nstld.com authority: gtld-servers.net 86400 NS av3.nstld.com authority: gtld-servers.net 86400 NS av2.nstld.com }}} == さらには == former NS responds new NS's. %dnsq a g2.gtld-servers.net 192.42.93.31 {{{ 1 g2.gtld-servers.net: 134 bytes, 1+1+4+0 records, response, authoritative, noerror query: 1 g2.gtld-servers.net answer: g2.gtld-servers.net 86400 A 192.42.93.31 authority: gtld-servers.net 86400 NS av2.nstld.com authority: gtld-servers.net 86400 NS av3.nstld.com authority: gtld-servers.net 86400 NS av1.nstld.com authority: gtld-servers.net 86400 NS av4.nstld.com }}} ---- If you try to get authoritative A record of [a-m].gtld-servers.net without relying on av[1-4].nstld.com additional (out-of-bailiwick A), you have to resolve av[1-4].nstld.com. And you know com NS's are in gtld-servers.net zone. (wow) Conclusion: You will not reach com domain if you discard out-of-bailiwick additionals. In case of Knot resolver, it use glue record of gtld-servers.net from root-servers, cached, and reused. Try unbound (with harden-referral-path yes), then you will find very long queries.(w) -- ToshinoriMaeno <> ---- additional: a.gtld-servers.net 172800 A 192.5.6.30 strange behavior $ dnsq ns a.gtld-servers.net 192.5.6.30 {{{ 2 a.gtld-servers.net: 293 bytes, 1+0+4+8 records, response, noerror query: 2 a.gtld-servers.net authority: gtld-servers.net 172800 NS av1.nstld.com authority: gtld-servers.net 172800 NS av2.nstld.com authority: gtld-servers.net 172800 NS av3.nstld.com authority: gtld-servers.net 172800 NS av4.nstld.com additional: av1.nstld.com 172800 A 192.42.177.30 additional: av1.nstld.com 172800 28 \040\001\005\000\001$\000\000\000\000\000\000\000\000\0000 additional: av2.nstld.com 172800 A 192.42.178.30 additional: av2.nstld.com 172800 28 \040\001\005\000\001%\000\000\000\000\000\000\000\000\0000 additional: av3.nstld.com 172800 A 192.82.133.30 additional: av3.nstld.com 172800 28 \040\001\005\000\001&\000\000\000\000\000\000\000\000\0000 additional: av4.nstld.com 172800 A 192.82.134.30 additional: av4.nstld.com 172800 28 \040\001\005\000\001'\000\000\000\000\000\000\000\000\0000 }}} out of bailiwick additionals $ dnsq a a.gtld-servers.net 192.5.6.30 {{{ 1 a.gtld-servers.net: 293 bytes, 1+0+4+8 records, response, noerror query: 1 a.gtld-servers.net authority: gtld-servers.net 172800 NS av1.nstld.com authority: gtld-servers.net 172800 NS av2.nstld.com authority: gtld-servers.net 172800 NS av3.nstld.com authority: gtld-servers.net 172800 NS av4.nstld.com additional: av1.nstld.com 172800 A 192.42.177.30 additional: av1.nstld.com 172800 28 \040\001\005\000\001$\000\000\000\000\000\000\000\000\0000 additional: av2.nstld.com 172800 A 192.42.178.30 additional: av2.nstld.com 172800 28 \040\001\005\000\001%\000\000\000\000\000\000\000\000\0000 additional: av3.nstld.com 172800 A 192.82.133.30 additional: av3.nstld.com 172800 28 \040\001\005\000\001&\000\000\000\000\000\000\000\000\0000 additional: av4.nstld.com 172800 A 192.82.134.30 additional: av4.nstld.com 172800 28 \040\001\005\000\001'\000\000\000\000\000\000\000\000\0000 }}} out of bailiwick additionals if I query some {{{ $ dnsq a a.gtld-servers.net 192.42.177.30 1 a.gtld-servers.net: temporary failure }}} %dnsq a a.gtld-servers.net 192.42.177.30 {{{ 1 a.gtld-servers.net: 133 bytes, 1+1+4+0 records, response, authoritative, noerror query: 1 a.gtld-servers.net answer: a.gtld-servers.net 86400 A 192.5.6.30 authority: gtld-servers.net 86400 NS av2.nstld.com authority: gtld-servers.net 86400 NS av4.nstld.com authority: gtld-servers.net 86400 NS av1.nstld.com authority: gtld-servers.net 86400 NS av3.nstld.com }}} Correct response no additional section -- ToshinoriMaeno <>