Monday, January 31, 2005
Doubt begins only at the last frontiers of what is possible
Transaction ID: 0x0016
Flags: 0x8100 (Standard query response, No error)
1... .... .... .... = Response: Message is a response
.000 0... .... .... = Opcode: Standard query (0)
.... .0.. .... .... = Authoritative: Server is not an authority for domain
.... ..0. .... .... = Truncated: Message is not truncated
.... ...1 .... .... = Recursion desired: Do query recursively
.... .... 0... .... = Recursion available: Server can't do recursive queries
.... .... .0.. .... = Z: reserved (0)
.... .... ..0. .... = Answer authenticated: Answer/authority portion was not authenticated by the server
.... .... .... 0000 = Reply code: No error (0)
The server responded back with the name servers for the URL in question. I've never seen a DNS server as screwed up as this one. Iterative queries are for server to server operations, not for end station queries. In fact, I can't find any reference to any registry value in Windoze that can be set to force iterative queries in situations like this. I wouldn't necessarily want every PC on my network doing iterative queries against servers from both the bandwidth and security standpoint, and I'm mystified as to why a major cable ISP couldn't pick something like this up - surely if it's happening to my friend, it's happening to other people in the neighborhood. Or are sheeple too inured to mediocre service to complain?
One correspondent suggested pulling the router, as he had attempted an nslookup against the very server in question and got back a correct result. I doubt it's the router, as the checksums were OK, and the server was providing the best known name servers for the URL in question in the response. I'll try it for grins and giggles, but it's absorbing too much of my time. He did provide another reasonably local DNS server on that ISP's network for me to try with my friend's PC, and I'll do that later after I've finished my nightly voodoo doll ritual with Mr. Gates' effigy.