Hurricane Electric's IPv6 Tunnel Broker Forums

IPv6 Certification Program Topics => General Discussion => Topic started by: divad27182 on May 27, 2017, 12:24:25 PM

Title: "DIG AAAA" test bug
Post by: divad27182 on May 27, 2017, 12:24:25 PM
I tried to submit the following result:
Code: [Select]
; <<>> DiG 9.9.5-4~bpo70+1-Debian <<>> aa.net.uk AAAA
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 33571
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 5

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;aa.net.uk. IN AAAA

;; ANSWER SECTION:
aa.net.uk. 53 IN AAAA 2001:8b0:0:30::68
aa.net.uk. 53 IN AAAA 2001:8b0:0:30::65

;; AUTHORITY SECTION:
aa.net.uk. 172793 IN NS primary-dns.co.uk.
aa.net.uk. 172793 IN NS secondary-dns.co.uk.

;; ADDITIONAL SECTION:
primary-dns.co.uk. 172793 IN A 81.187.30.41
primary-dns.co.uk. 172793 IN AAAA 2001:8b0:0:30::51bb:1e29
secondary-dns.co.uk. 172793 IN A 81.187.81.32
secondary-dns.co.uk. 172793 IN AAAA 2001:8b0:0:81::51bb:5120

;; Query time: 1 msec
;; SERVER: 192.168.222.47#53(192.168.222.47)
;; WHEN: Sat May 27 15:11:03 EDT 2017
;; MSG SIZE  rcvd: 239


It was refused, on the basis that "2001:8b0:0:30::68" did not match "2001:8b0:0:30::65".  It turns out that the server side DNS lookup gets the first address, and the parser gets the last address, so any hostname with two IPv6 addresses is rejected unless you cherry pick the submitted results.