Describe DNS/DNSSEC/gtld-servers here.
.com のサーバは[a-m].gtld-servers.netだ
- でも、返答がばらばらだ。なぜ。 (b.gtld-servers.net は機能していない。)
- しかも、DNSKEY レコードが変だ。なにこれ。
$ dig +dnssec @a.gtld-servers.net dnskey com
; <<>> DiG 9.7.1-P2 <<>> +dnssec @a.gtld-servers.net dnskey com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8695 ;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags: do; udp: 512 ;; QUESTION SECTION: ;com. IN DNSKEY ;; ANSWER SECTION: com. 86400 IN DNSKEY 257 3 8 AwEAAa9Lp++++++++++++++++THIS/IS/AN/INVALID/KEY/AND/SHOU LD/NOT/BE/USED/CONTACT/INFO/AT/VERISIGN+GRS/DOT/COM+++++ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++8= com. 86400 IN DNSKEY 256 3 8 AwEAAa2CM++++++++++++++++THIS/IS/AN/INVALID/KEY/AND/SHOU LD/NOT/BE/USED/CONTACT/INFO/AT/VERISIGN+GRS/DOT/COM+++++ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ +++++++8 com. 86400 IN RRSIG DNSKEY 8 1 86400 20110305192533 20110226192033 30909 com. nPL6NKbpYefEIVyO6J0frcAaRN/ReuOzcyez1anuXt0izOGtEK8/ndmm gK3nQ6j8vvR7/7z+MNetXVAC9u8Exgn4kwcVPcTwTNf+ppDBNBfzLCUk 1LjKPx3fb8aFcySfQe3WR21S35kEFJj1oE0QJnV9NvkogjLN+is8u9YX j15kon+lsJnepKB2u5YbXOWYQIAgupJAm1DUZ0WnaMXiznLHe9vvvZTi 9uSfNksj8X4lAFE/i+I/zNlL+oZ6qqdoJqzOkBYSx8cr2G+S0j2coWfa JObDEIaNfoqmv6c6jwrLfXrGd74B/HGDAbwGC7CQHlCUVK/sCWFNS5IA 7XTovg== ;; Query time: 221 msec ;; SERVER: 192.5.6.30#53(192.5.6.30) ;; WHEN: Wed Mar 2 10:14:39 2011 ;; MSG SIZE rcvd: 747
$ dig +dnssec @b.gtld-servers.net dnskey com
; <<>> DiG 9.7.1-P2 <<>> +dnssec @b.gtld-servers.net dnskey com ; (1 server found) ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55192 ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags: do; udp: 512 ;; QUESTION SECTION: ;com. IN DNSKEY ;; AUTHORITY SECTION: com. 900 IN SOA a.gtld-servers.net. nstld.verisign-grs.com. 1299028479 1800 900 604800 86400 ;; Query time: 71 msec ;; SERVER: 192.33.14.30#53(192.33.14.30) ;; WHEN: Wed Mar 2 10:15:11 2011 ;; MSG SIZE rcvd: 105