This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] Reverse DNS delegations
- Previous message (by thread): [anti-abuse-wg] Reverse DNS delegations
- Next message (by thread): [anti-abuse-wg] Reverse DNS delegations
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Alessandro Vesely
vesely at tana.it
Mon Apr 8 12:10:57 CEST 2024
On Sun 07/Apr/2024 16:47:37 +0200 Semisol via anti-abuse-wg wrote: > On 7.04.2024 15:42, Alessandro Vesely wrote: >> >> BTW, how should one search DB objects like 2.0.a.2.ip6.arpa? I can search it >> in the DNS but not in https://apps.db.ripe.net/db-web-ui/query >> > -T domain -d <range> > > I believe you can also use the more/less specific flags with that query but I > didn't try. Thanks, that apparently works. However, -T domain -d 2a02:: finds 0.0.0.0.2.0.a.2.ip6.arpa. It seems to prepend a variable number of zeroes and cite the wrong name servers (see queries below). Shouldn't it find 2.0.a.2.ip6.arpa? That domain exists, although it has no name servers. The parent zone, 0.a.2.ip6.arpa, has lots of international NSes, none of which matches the ones returned by the database queries. Delegations don't seem to be generated from the database. How is that supposed to work? ----- queries ----- $ whois -h whois.ripe.net -T domain -d 2a02:: % This is the RIPE Database query service. % The objects are in RPSL format. % % The RIPE Database is subject to Terms and Conditions. % See https://apps.db.ripe.net/docs/HTML-Terms-And-Conditions % Note: this output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to '0.0.0.0.2.0.a.2.ip6.arpa' domain: 0.0.0.0.2.0.a.2.ip6.arpa descr: IPv6 reverse delegation SES nserver: isrvdns1.astra-net.com nserver: isrvdns2.astra-net.com nserver: isrvdns3.astra-net.com ... $ dig 0.0.0.0.2.0.a.2.ip6.arpa ns ;; communications error to ::1#53: timed out ... $ dig @isrvdns1.astra-net.com 0.0.0.0.2.0.a.2.ip6.arpa ns ;; communications error to 212.56.224.20#53: timed out ;; communications error to 212.56.224.20#53: timed out ;; communications error to 212.56.224.20#53: timed out ; <<>> DiG 9.18.24-1-Debian <<>> @isrvdns1.astra-net.com 0.0.0.0.2.0.a.2.ip6.arpa ns ; (1 server found) ;; global options: +cmd ;; no servers could be reached $ dig @isrvdns2.astra-net.com 0.0.0.0.2.0.a.2.ip6.arpa ns ;; communications error to 212.56.224.21#53: timed out ;; communications error to 212.56.224.21#53: timed out ;; communications error to 212.56.224.21#53: timed out ; <<>> DiG 9.18.24-1-Debian <<>> @isrvdns2.astra-net.com 0.0.0.0.2.0.a.2.ip6.arpa ns ; (1 server found) ;; global options: +cmd ;; no servers could be reached $ dig @isrvdns3.astra-net.com 0.0.0.0.2.0.a.2.ip6.arpa ns ;; communications error to 213.169.107.4#53: timed out ;; communications error to 213.169.107.4#53: timed out ;; communications error to 213.169.107.4#53: timed out ; <<>> DiG 9.18.24-1-Debian <<>> @isrvdns3.astra-net.com 0.0.0.0.2.0.a.2.ip6.arpa ns ; (1 server found) ;; global options: +cmd ;; no servers could be reached $ dig 0.a.2.ip6.arpa ns ; <<>> DiG 9.18.24-1-Debian <<>> 0.a.2.ip6.arpa ns ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 32256 ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 9 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ; COOKIE: b9ca8f96dd329dbf010000006613bf18d99a4c9d9cbff52a (good) ;; QUESTION SECTION: ;0.a.2.ip6.arpa. IN NS ;; ANSWER SECTION: 0.a.2.ip6.arpa. 78819 IN NS ns3.lacnic.net. 0.a.2.ip6.arpa. 78819 IN NS ns4.apnic.net. 0.a.2.ip6.arpa. 78819 IN NS rirns.arin.net. 0.a.2.ip6.arpa. 78819 IN NS ns3.afrinic.net. 0.a.2.ip6.arpa. 78819 IN NS pri.authdns.ripe.net. ... $ whois -h whois.ripe.net -T domain -d 2a00:: % This is the RIPE Database query service. % The objects are in RPSL format. % % The RIPE Database is subject to Terms and Conditions. % See https://apps.db.ripe.net/docs/HTML-Terms-And-Conditions % Note: this output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to '0.0.0.0.a.2.ip6.arpa' domain: 0.0.0.0.a.2.ip6.arpa descr: Arcor AG & Co. KG org: ORG-MAT1-RIPE admin-c: ANOC1-RIPE tech-c: ANOC1-RIPE zone-c: ANOC1-RIPE nserver: ns1.arcor-ip.de nserver: ns2.arcor-ip.de nserver: ns3.arcor-ip.de created: 2006-03-14T11:25:21Z last-modified: 2016-11-07T14:07:33Z source: RIPE mnt-by: ARCOR-MNT remarks: Unmaintained reverse domain object. remarks: Address prefix maintainer(s) added by RIPE NCC. remarks: For more information see: remarks: http://www.ripe.net/db/support/security/domain/syntax.html Best Ale --
- Previous message (by thread): [anti-abuse-wg] Reverse DNS delegations
- Next message (by thread): [anti-abuse-wg] Reverse DNS delegations
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]