--- Begin Message ---
On 2026-02-13 02:33, Stephane Bortzmeyer via dns-operations wrote:
While all the authoritative name servers for bit.ly currently have the
same serial number (1), my resolver got a SOA with a different number,
and a different content (no A and no AAAA):
% dig bit.ly
; <<>> DiG 9.18.39-0ubuntu0.24.04.2-Ubuntu <<>> bit.ly
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64698
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 1232
;; QUESTION SECTION:
;bit.ly. IN A
;; AUTHORITY SECTION:
bit.ly. 6623 IN SOA ns-1372.awsdns-43.org.
ns-cloud-c3.googledomains.com. (
2003080406 ; serial
10800 ; refresh (3 hours)
3600 ; retry (1 hour)
604800 ; expire (1 week)
21600 ; minimum (6 hours)
)
;; Query time: 4 msec
;; SERVER: 192.168.2.254#53(192.168.2.254) (UDP)
;; WHEN: Fri Feb 13 11:24:42 CET 2026
;; MSG SIZE rcvd: 121
Testing with RIPE Atlas probes
<https://atlas.ripe.net/measurements/154580059>, I see that I'm not
the only one who got this serial number 2003080406.
Temporary error in publication? Or an anycast instance somewhere
serving a wrong zone?
Frankly. There's a lot to chase here. It's not *terribly* uncommon
for an outdated server to appear in a list of NSs this long.
What *is* strange, is that your client would consider *choosing* an
outdated NS. It's also interesting to note the wide range in the
caches -- 3600 - 86400.
# drill -T bit.ly SOA
. 518400 IN NS a.root-servers.net.
. 518400 IN NS b.root-servers.net.
. 518400 IN NS c.root-servers.net.
. 518400 IN NS d.root-servers.net.
. 518400 IN NS e.root-servers.net.
. 518400 IN NS f.root-servers.net.
. 518400 IN NS g.root-servers.net.
. 518400 IN NS h.root-servers.net.
. 518400 IN NS i.root-servers.net.
. 518400 IN NS j.root-servers.net.
. 518400 IN NS k.root-servers.net.
. 518400 IN NS l.root-servers.net.
. 518400 IN NS m.root-servers.net.
ly. 172800 IN NS dns.lttnet.net.
ly. 172800 IN NS pch.ltt.ly.
ly. 172800 IN NS dns1.lttnet.net.
ly. 172800 IN NS ns-ly.afrinic.net.
ly. 172800 IN NS phloem.uoregon.edu.
bit.ly. 3600 IN NS ns-cloud-c2.googledomains.com.
bit.ly. 3600 IN NS ns-cloud-c3.googledomains.com.
bit.ly. 3600 IN NS ns-cloud-c1.googledomains.com.
bit.ly. 3600 IN NS ns-1372.awsdns-43.org.
bit.ly. 3600 IN NS ns-705.awsdns-24.net.
bit.ly. 21600 IN SOA ns-cloud-c1.googledomains.com.
cloud-dns-hostmaster.google.com. 1 21600 3600 259200 3600
bit.ly. 86400 IN NS ns-1372.awsdns-43.org.
bit.ly. 86400 IN NS ns-276.awsdns-34.com.
bit.ly. 86400 IN NS ns-cloud-c4.googledomains.com.
bit.ly. 86400 IN NS ns-cloud-c3.googledomains.com.
bit.ly. 86400 IN NS ns-1766.awsdns-28.co.uk.
bit.ly. 86400 IN NS ns-cloud-c2.googledomains.com.
bit.ly. 86400 IN NS ns-705.awsdns-24.net.
bit.ly. 86400 IN NS ns-cloud-c1.googledomains.com.
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
--- End Message ---
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
