## page was renamed from watchA/cloudflare/乗取/mixed_response = watchA/cloudflare/乗取/mixed_response = <> == 疑わしい返答 == 正常に委譲されたドメインであれば、2つのNSが同じ返答をする。(しかも、委譲NSに一致する。) しかし、怪しいものがある。 2つのNSのうちの一方しか返事をしない。返事のNSセットは登録NSとは不一致。(別の特定NS) 返事をするNSをふたつ返してくる。 cloudflareの不良というよりは、[[/elliot]]/mollyを割当られたひとが乗取を狙ったというのがありそう。 -- ToshinoriMaeno <> brianscottracing.com brianscottracing.com. 300 IN A 37.1.202.109 MXなし。 == 例 == {{{ %dig -t ns brianscottracing.com @a.gtld-servers.net ~/dnsq/cf11 ; <<>> DiG 9.12.1 <<>> -t ns brianscottracing.com @a.gtld-servers.net ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29514 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 2, ADDITIONAL: 5 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;brianscottracing.com. IN NS ;; AUTHORITY SECTION: brianscottracing.com. 172800 IN NS elliot.ns.cloudflare.com. brianscottracing.com. 172800 IN NS lorna.ns.cloudflare.com. ;; ADDITIONAL SECTION: elliot.ns.cloudflare.com. 172800 IN A 173.245.59.162 elliot.ns.cloudflare.com. 172800 IN AAAA 2400:cb00:2049:1::adf5:3ba2 lorna.ns.cloudflare.com. 172800 IN A 173.245.58.190 lorna.ns.cloudflare.com. 172800 IN AAAA 2400:cb00:2049:1::adf5:3abe ;; Query time: 54 msec ;; SERVER: 192.5.6.30#53(192.5.6.30) ;; WHEN: Mon Nov 11 12:51:53 JST 2019 ;; MSG SIZE rcvd: 192 }}} == elliotの返事 == {{{ %dig -t ns brianscottracing.com @elliot.ns.cloudflare.com. ~/dnsq/cf11 ; <<>> DiG 9.12.1 <<>> -t ns brianscottracing.com @elliot.ns.cloudflare.com. ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 21418 ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;brianscottracing.com. IN NS ;; ANSWER SECTION: brianscottracing.com. 86400 IN NS elliot.ns.cloudflare.com. brianscottracing.com. 86400 IN NS molly.ns.cloudflare.com. ;; Query time: 7 msec ;; SERVER: 173.245.59.162#53(173.245.59.162) ;; WHEN: Mon Nov 11 12:48:21 JST 2019 ;; MSG SIZE rcvd: 104 12:48f%dig -t ns brianscottracing.com @molly.ns.cloudflare.com. ~/dnsq/cf11 ; <<>> DiG 9.12.1 <<>> -t ns brianscottracing.com @molly.ns.cloudflare.com. ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40810 ;; flags: qr aa rd; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;brianscottracing.com. IN NS ;; ANSWER SECTION: brianscottracing.com. 86400 IN NS elliot.ns.cloudflare.com. brianscottracing.com. 86400 IN NS molly.ns.cloudflare.com. ;; Query time: 6 msec ;; SERVER: 173.245.58.205#53(173.245.58.205) ;; WHEN: Mon Nov 11 12:48:30 JST 2019 ;; MSG SIZE rcvd: 104 }}} == lorna REFUSED == {{{ 12:48f%dig -t ns brianscottracing.com @lorna.ns.cloudflare.com. ~/dnsq/cf11 ; <<>> DiG 9.12.1 <<>> -t ns brianscottracing.com @lorna.ns.cloudflare.com. ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 30673 ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 512 ;; QUESTION SECTION: ;brianscottracing.com. IN NS ;; Query time: 7 msec ;; SERVER: 173.245.58.190#53(173.245.58.190) ;; WHEN: Mon Nov 11 12:48:48 JST 2019 ;; MSG SIZE rcvd: 49 }}}