> The nslookup results you see are probably due to the fact that the
> servers are responding after nslookup has timed out, and that's
> confusing nslookup as it cycles through all of the server addresses in
> your resolv.conf.
>
> michael
what was _really_ weird was this...
rossd@rossd ~ $ dig @21.248.0.3 www.namesys.com
;; reply from unexpected source: 128.32.206.9#53, expected 21.248.0.3#53
;; Warning: ID mismatch: expected ID 4007, got 52093
but never having poisoned a DNS cache, i don't really know if
there is a particular signature identifier.
All started when I was looking through the logs today on a sick
Windoze box: machine was reporting some .dll errors, when i saw
the following:
Event Type: Warning
Event Source: DNS
Event Category: None
Event ID: 5504
Date: 12/28/2004
Time: 4:13:45 PM
User: N/A
Computer: AXLE
Description:
The DNS server encountered an invalid domain name in a packet from 128.32.136.9. The packet is rejected.
don't know if its related... Windows Event viewer information is about
as clear as new england clam chowder. :-(
I attached the outputs of dnstrace from a machine here,
and my machine on my home DSL. I figured there were minds more
knowledgeable about such things...
Anyway, I'm just glad to know the sick Windoze box was not
anything I did. :-)
-- Tracing to www.namesys.com[a] via 206.13.31.12, maximum of 3 retries 206.13.31.12 (206.13.31.12) IP HEADER - Destination address: 206.13.31.12 DNS HEADER (send) - Identifier: 0x7D65 - Flags: 0x00 (Q ) - Opcode: 0 (Standard query) - Return code: 0 (No error) - Number questions: 1 - Number answer RR: 0 - Number authority RR: 0 - Number additional RR: 0 QUESTIONS (send) - Queryname: (3)www(7)namesys(3)com - Type: 1 (A) - Class: 1 (Internet) DNS HEADER (recv) - Identifier: 0x7D65 - Flags: 0x8080 (R RA ) - Opcode: 0 (Standard query) - Return code: 0 (No error) - Number questions: 1 - Number answer RR: 1 - Number authority RR: 2 - Number additional RR: 3 QUESTIONS (recv) - Queryname: (3)www(7)namesys(3)com - Type: 1 (A) - Class: 1 (Internet) ANSWER RR - Domainname: (3)www(7)namesys(3)com - Type: 1 (A) - Class: 1 (Internet) - TTL: 44296 (12h18m16s) - Resource length: 4 - Resource data: 212.16.7.65 AUTHORITY RR - Domainname: (7)namesys(3)com - Type: 2 (NS) - Class: 1 (Internet) - TTL: 44296 (12h18m16s) - Resource length: 5 - Resource data: (2)ns(7)namesys(3)com AUTHORITY RR - Domainname: (7)namesys(3)com - Type: 2 (NS) - Class: 1 (Internet) - TTL: 44296 (12h18m16s) - Resource length: 16 - Resource data: (3)ns0(7)comstar(2)ru ADDITIONAL RR - Domainname: (3)ns0(7)comstar(2)ru - Type: 1 (A) - Class: 1 (Internet) - TTL: 36337 (10h5m37s) - Resource length: 4 - Resource data: 195.210.128.3 ADDITIONAL RR - Domainname: (3)ns0(7)comstar(2)ru - Type: 1 (A) - Class: 1 (Internet) - TTL: 36337 (10h5m37s) - Resource length: 4 - Resource data: 212.248.0.3 ADDITIONAL RR - Domainname: (2)ns(7)namesys(3)com - Type: 1 (A) - Class: 1 (Internet) - TTL: 44296 (12h18m16s) - Resource length: 4 - Resource data: 212.16.7.65 Got answer |\___ ns.namesys.com [namesys.com] (212.16.7.65) IP HEADER - Destination address: 212.16.7.65 DNS HEADER (send) - Identifier: 0x640F - Flags: 0x00 (Q ) - Opcode: 0 (Standard query) - Return code: 0 (No error) - Number questions: 1 - Number answer RR: 0 - Number authority RR: 0 - Number additional RR: 0 QUESTIONS (send) - Queryname: (3)www(7)namesys(3)com - Type: 1 (A) - Class: 1 (Internet) * IP HEADER - Destination address: 212.16.7.65 DNS HEADER (send) - Identifier: 0x640F - Flags: 0x00 (Q ) - Opcode: 0 (Standard query) - Return code: 0 (No error) - Number questions: 1 - Number answer RR: 0 - Number authority RR: 0 - Number additional RR: 0 QUESTIONS (send) - Queryname: (3)www(7)namesys(3)com - Type: 1 (A) - Class: 1 (Internet) * IP HEADER - Destination address: 212.16.7.65 DNS HEADER (send) - Identifier: 0x640F - Flags: 0x00 (Q ) - Opcode: 0 (Standard query) - Return code: 0 (No error) - Number questions: 1 - Number answer RR: 0 - Number authority RR: 0 - Number additional RR: 0 QUESTIONS (send) - Queryname: (3)www(7)namesys(3)com - Type: 1 (A) - Class: 1 (Internet) * |\___ ns0.comstar.ru [namesys.com] (195.210.128.3) IP HEADER - Destination address: 195.210.128.3 DNS HEADER (send) - Identifier: 0x6601 - Flags: 0x00 (Q ) - Opcode: 0 (Standard query) - Return code: 0 (No error) - Number questions: 1 - Number answer RR: 0 - Number authority RR: 0 - Number additional RR: 0 QUESTIONS (send) - Queryname: (3)www(7)namesys(3)com - Type: 1 (A) - Class: 1 (Internet) DNS HEADER (recv) - Identifier: 0x6601 - Flags: 0x8080 (R RA ) - Opcode: 0 (Standard query) - Return code: 0 (No error) - Number questions: 1 - Number answer RR: 0 - Number authority RR: 2 - Number additional RR: 3 QUESTIONS (recv) - Queryname: (3)www(7)namesys(3)com - Type: 1 (A) - Class: 1 (Internet) AUTHORITY RR - Domainname: (7)namesys(3)com - Type: 2 (NS) - Class: 1 (Internet) - TTL: 147359 (1d16h55m59s) - Resource length: 19 - Resource data: (8)t-raenon(3)nmd(3)msu(2)ru AUTHORITY RR - Domainname: (7)namesys(3)com - Type: 2 (NS) - Class: 1 (Internet) - TTL: 147359 (1d16h55m59s) - Resource length: 16 - Resource data: (3)ns0(7)comstar(2)ru ADDITIONAL RR - Domainname: (8)t-raenon(3)nmd(3)msu(2)ru - Type: 1 (A) - Class: 1 (Internet) - TTL: 46214 (12h50m14s) - Resource length: 4 - Resource data: 193.232.112.65 ADDITIONAL RR - Domainname: (3)ns0(7)comstar(2)ru - Type: 1 (A) - Class: 1 (Internet) - TTL: 41353 (11h29m13s) - Resource length: 4 - Resource data: 195.210.128.3 ADDITIONAL RR - Domainname: (3)ns0(7)comstar(2)ru - Type: 1 (A) - Class: 1 (Internet) - TTL: 41353 (11h29m13s) - Resource length: 4 - Resource data: 212.248.0.3 Lame server \___ ns0.comstar.ru [namesys.com] (212.248.0.3) IP HEADER - Destination address: 212.248.0.3 DNS HEADER (send) - Identifier: 0x1665 - Flags: 0x00 (Q ) - Opcode: 0 (Standard query) - Return code: 0 (No error) - Number questions: 1 - Number answer RR: 0 - Number authority RR: 0 - Number additional RR: 0 QUESTIONS (send) - Queryname: (3)www(7)namesys(3)com - Type: 1 (A) - Class: 1 (Internet) DNS HEADER (recv) - Identifier: 0x1665 - Flags: 0x8080 (R RA ) - Opcode: 0 (Standard query) - Return code: 0 (No error) - Number questions: 1 - Number answer RR: 0 - Number authority RR: 2 - Number additional RR: 3 QUESTIONS (recv) - Queryname: (3)www(7)namesys(3)com - Type: 1 (A) - Class: 1 (Internet) AUTHORITY RR - Domainname: (7)namesys(3)com - Type: 2 (NS) - Class: 1 (Internet) - TTL: 147359 (1d16h55m59s) - Resource length: 19 - Resource data: (8)t-raenon(3)nmd(3)msu(2)ru AUTHORITY RR - Domainname: (7)namesys(3)com - Type: 2 (NS) - Class: 1 (Internet) - TTL: 147359 (1d16h55m59s) - Resource length: 16 - Resource data: (3)ns0(7)comstar(2)ru ADDITIONAL RR - Domainname: (8)t-raenon(3)nmd(3)msu(2)ru - Type: 1 (A) - Class: 1 (Internet) - TTL: 46214 (12h50m14s) - Resource length: 4 - Resource data: 193.232.112.65 ADDITIONAL RR - Domainname: (3)ns0(7)comstar(2)ru - Type: 1 (A) - Class: 1 (Internet) - TTL: 41353 (11h29m13s) - Resource length: 4 - Resource data: 195.210.128.3 ADDITIONAL RR - Domainname: (3)ns0(7)comstar(2)ru - Type: 1 (A) - Class: 1 (Internet) - TTL: 41353 (11h29m13s) - Resource length: 4 - Resource data: 212.248.0.3 Lame server -- Tracing to www.namesys.com[a] via 128.32.136.9, maximum of 3 retries 128.32.136.9 (128.32.136.9) IP HEADER - Destination address: 128.32.136.9 DNS HEADER (send) - Identifier: 0x6048 - Flags: 0x00 (Q ) - Opcode: 0 (Standard query) - Return code: 0 (No error) - Number questions: 1 - Number answer RR: 0 - Number authority RR: 0 - Number additional RR: 0 QUESTIONS (send) - Queryname: (3)www(7)namesys(3)com - Type: 1 (A) - Class: 1 (Internet) DNS HEADER (recv) - Identifier: 0x6048 - Flags: 0x8080 (R RA ) - Opcode: 0 (Standard query) - Return code: 0 (No error) - Number questions: 1 - Number answer RR: 0 - Number authority RR: 2 - Number additional RR: 3 QUESTIONS (recv) - Queryname: (3)www(7)namesys(3)com - Type: 1 (A) - Class: 1 (Internet) AUTHORITY RR - Domainname: (7)namesys(3)com - Type: 2 (NS) - Class: 1 (Internet) - TTL: 166878 (1d22h21m18s) - Resource length: 14 - Resource data: (3)ns0(7)comstar(2)ru AUTHORITY RR - Domainname: (7)namesys(3)com - Type: 2 (NS) - Class: 1 (Internet) - TTL: 166878 (1d22h21m18s) - Resource length: 21 - Resource data: (8)t-raenon(3)nmd(3)msu(2)ru ADDITIONAL RR - Domainname: (8)t-raenon(3)nmd(3)msu(2)ru - Type: 1 (A) - Class: 1 (Internet) - TTL: 42369 (11h46m9s) - Resource length: 4 - Resource data: 193.232.112.65 ADDITIONAL RR - Domainname: (3)ns0(7)comstar(2)ru - Type: 1 (A) - Class: 1 (Internet) - TTL: 72375 (20h6m15s) - Resource length: 4 - Resource data: 212.248.0.3 ADDITIONAL RR - Domainname: (3)ns0(7)comstar(2)ru - Type: 1 (A) - Class: 1 (Internet) - TTL: 72375 (20h6m15s) - Resource length: 4 - Resource data: 195.210.128.3 |\___ ns0.comstar.ru [namesys.com] (212.248.0.3) IP HEADER - Destination address: 212.248.0.3 DNS HEADER (send) - Identifier: 0x1410 - Flags: 0x00 (Q ) - Opcode: 0 (Standard query) - Return code: 0 (No error) - Number questions: 1 - Number answer RR: 0 - Number authority RR: 0 - Number additional RR: 0 QUESTIONS (send) - Queryname: (3)www(7)namesys(3)com - Type: 1 (A) - Class: 1 (Internet) DNS HEADER (recv) - Identifier: 0x1410 - Flags: 0x8080 (R RA ) - Opcode: 0 (Standard query) - Return code: 0 (No error) - Number questions: 1 - Number answer RR: 0 - Number authority RR: 2 - Number additional RR: 3 QUESTIONS (recv) - Queryname: (3)www(7)namesys(3)com - Type: 1 (A) - Class: 1 (Internet) AUTHORITY RR - Domainname: (7)namesys(3)com - Type: 2 (NS) - Class: 1 (Internet) - TTL: 147380 (1d16h56m20s) - Resource length: 19 - Resource data: (8)t-raenon(3)nmd(3)msu(2)ru AUTHORITY RR - Domainname: (7)namesys(3)com - Type: 2 (NS) - Class: 1 (Internet) - TTL: 147380 (1d16h56m20s) - Resource length: 16 - Resource data: (3)ns0(7)comstar(2)ru ADDITIONAL RR - Domainname: (8)t-raenon(3)nmd(3)msu(2)ru - Type: 1 (A) - Class: 1 (Internet) - TTL: 46235 (12h50m35s) - Resource length: 4 - Resource data: 193.232.112.65 ADDITIONAL RR - Domainname: (3)ns0(7)comstar(2)ru - Type: 1 (A) - Class: 1 (Internet) - TTL: 41374 (11h29m34s) - Resource length: 4 - Resource data: 195.210.128.3 ADDITIONAL RR - Domainname: (3)ns0(7)comstar(2)ru - Type: 1 (A) - Class: 1 (Internet) - TTL: 41374 (11h29m34s) - Resource length: 4 - Resource data: 212.248.0.3 Lame server |\___ ns0.comstar.ru [namesys.com] (195.210.128.3) IP HEADER - Destination address: 195.210.128.3 DNS HEADER (send) - Identifier: 0x5179 - Flags: 0x00 (Q ) - Opcode: 0 (Standard query) - Return code: 0 (No error) - Number questions: 1 - Number answer RR: 0 - Number authority RR: 0 - Number additional RR: 0 QUESTIONS (send) - Queryname: (3)www(7)namesys(3)com - Type: 1 (A) - Class: 1 (Internet) DNS HEADER (recv) - Identifier: 0x5179 - Flags: 0x8080 (R RA ) - Opcode: 0 (Standard query) - Return code: 0 (No error) - Number questions: 1 - Number answer RR: 0 - Number authority RR: 2 - Number additional RR: 3 QUESTIONS (recv) - Queryname: (3)www(7)namesys(3)com - Type: 1 (A) - Class: 1 (Internet) AUTHORITY RR - Domainname: (7)namesys(3)com - Type: 2 (NS) - Class: 1 (Internet) - TTL: 147379 (1d16h56m19s) - Resource length: 19 - Resource data: (8)t-raenon(3)nmd(3)msu(2)ru AUTHORITY RR - Domainname: (7)namesys(3)com - Type: 2 (NS) - Class: 1 (Internet) - TTL: 147379 (1d16h56m19s) - Resource length: 16 - Resource data: (3)ns0(7)comstar(2)ru ADDITIONAL RR - Domainname: (8)t-raenon(3)nmd(3)msu(2)ru - Type: 1 (A) - Class: 1 (Internet) - TTL: 46234 (12h50m34s) - Resource length: 4 - Resource data: 193.232.112.65 ADDITIONAL RR - Domainname: (3)ns0(7)comstar(2)ru - Type: 1 (A) - Class: 1 (Internet) - TTL: 41373 (11h29m33s) - Resource length: 4 - Resource data: 195.210.128.3 ADDITIONAL RR - Domainname: (3)ns0(7)comstar(2)ru - Type: 1 (A) - Class: 1 (Internet) - TTL: 41373 (11h29m33s) - Resource length: 4 - Resource data: 212.248.0.3 Lame server \___ t-raenon.nmd.msu.ru [namesys.com] (193.232.112.65) IP HEADER - Destination address: 193.232.112.65 DNS HEADER (send) - Identifier: 0x222F - Flags: 0x00 (Q ) - Opcode: 0 (Standard query) - Return code: 0 (No error) - Number questions: 1 - Number answer RR: 0 - Number authority RR: 0 - Number additional RR: 0 QUESTIONS (send) - Queryname: (3)www(7)namesys(3)com - Type: 1 (A) - Class: 1 (Internet) * IP HEADER - Destination address: 193.232.112.65 DNS HEADER (send) - Identifier: 0x222F - Flags: 0x00 (Q ) - Opcode: 0 (Standard query) - Return code: 0 (No error) - Number questions: 1 - Number answer RR: 0 - Number authority RR: 0 - Number additional RR: 0 QUESTIONS (send) - Queryname: (3)www(7)namesys(3)com - Type: 1 (A) - Class: 1 (Internet) * IP HEADER - Destination address: 193.232.112.65 DNS HEADER (send) - Identifier: 0x222F - Flags: 0x00 (Q ) - Opcode: 0 (Standard query) - Return code: 0 (No error) - Number questions: 1 - Number answer RR: 0 - Number authority RR: 0 - Number additional RR: 0 QUESTIONS (send) - Queryname: (3)www(7)namesys(3)com - Type: 1 (A) - Class: 1 (Internet) * ------------------------------------------------------------------------ The following was automatically added to this message by the list server: For information about Micronet, including subscribing to or unsubscribing from its mailing list and finding out about upcoming meetings, please visit the Micronet Web site: <http://micronet.berkeley.edu/>.Received on Tue Jan 25 10:33:13 2005
This archive was generated by hypermail 2.1.8 : Tue Jan 25 2005 - 10:33:26 PST