p182
June 8, 2023, 10:48am
1
Hello, I noticed, that 1.1.1.3 returns wrong answer for clientHold domain, that must not be resolved at all
> root@ssh:~$ nslookup yandex.ua 1.1.1.3
> Server: 1.1.1.3
> Address: 1.1.1.3#53
>
> Non-authoritative answer:
> Name: yandex.ua
> Address: 213.180.193.56
> ** server can't find yandex.ua: NXDOMAIN
Any other tested servers return right answer without IP address:
> root@ssh:~$ nslookup yandex.ua 1.1.1.1
> Server: 1.1.1.1
> Address: 1.1.1.1#53
>
> Non-authoritative answer:
> *** Can't find yandex.ua: No answer
>
> root@ssh:~$ nslookup yandex.ua 8.8.8.8
> Server: 8.8.8.8
> Address: 8.8.8.8#53
>
> Non-authoritative answer:
> *** Can't find yandex.ua: No answer
WHOIS:
> |domain:|yandex.ua|
> |---|---|
> |dom-public:|NO|
> |license:|48116|
> |mnt-by:|ua.imena|
> |nserver:|ns7.yandex.ru|
> |nserver:|ns8.yandex.ru|
> |status:|clientHold|
> |created:|2005-04-27 02:54:19+03|
> |modified:|2022-03-01 11:16:56+02|
> |expires:|2025-04-27 02:54:19+03|
> |source:|UAEPP|
Can you explain that behaviour and fix it?
p182:
yandex.ua
Whois does appear to confirm a ClientHold in place at the moment.
Hmmm… slightly more interesting.
dig yandex.ua @1.1.1.1
; <<>> DiG 9.10.6 <<>> yandex.ua @1.1.1.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 723
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;yandex.ua. IN A
;; AUTHORITY SECTION:
ua. 3535 IN SOA in1.ns.ua. domain-master.cctld.ua. 2023060804 3636 1212 3024000 3535
;; Query time: 51 msec
;; SERVER: 1.1.1.1#53(1.1.1.1)
;; WHEN: Thu Jun 08 06:55:59 EDT 2023
;; MSG SIZE rcvd: 101
dig yandex.ua @1.1.1.3
; <<>> DiG 9.10.6 <<>> yandex.ua @1.1.1.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 137
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;yandex.ua. IN A
;; ANSWER SECTION:
yandex.ua. 60 IN A 213.180.193.56
;; Query time: 62 msec
;; SERVER: 1.1.1.3#53(1.1.1.3)
;; WHEN: Thu Jun 08 06:57:24 EDT 2023
;; MSG SIZE rcvd: 54
Maybe if @mvavrusa happens to be around they could take a peek as this seems a bit odd.
1 Like
p182
June 8, 2023, 12:00pm
5
Just to clarify, NXDOMAIN is AAAA answer by 1.1.1.3
dig -t AAAA yandex.ua @1.1.1.3
; <<>> DiG 9.11.5 <<>> -t AAAA yandex.ua @1.1.1.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 65467
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
;; QUESTION SECTION:
;yandex.ua. IN AAAA
;; Query time: 2 msec
;; SERVER: 1.1.1.3#53(1.1.1.3)
;; WHEN: Thu Jun 08 13:56:43 CEST 2023
;; MSG SIZE rcvd: 38
It seems like 1.1.1.3 redirects to “safe search” version, let me take a look what’s going on.
2 Likes
Hi! Just following up - 1.1.1.3 had a forced safesearch redirect that didn’t check whether the domain exists correctly, this has been corrected, sorry for the issues.
3 Likes
system
June 12, 2023, 7:54pm
8
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.