On Wed, Jul 31, 2024, at 17:22, Jorge Bastos via Pdns-users wrote: > Hi Brian, > > On 2024-07-27 11:13, Brian Candler via Pdns-users wrote: > >> On 27/07/2024 10:07, Jan-Piet Mens via Pdns-users wrote: >>>> DOMANIN.TLD IN A 185.99.65.7777 >>> >>> interesting IP address. >> Indeed. The OP emphasised that this is literally the invalid IP address >> they put in. If the first three octets are correct then the prefix belongs >> to a Czech internet exchange. >> >> I think the point was, how is PowerDNS expected to handle malformed IP >> addresses? But without knowing the actual domain, we can't tell why they >> started to get NXDOMAIN as the OP claimed, and not (for example) SERVFAIL or >> NOERROR. >> >> I guess if they've already changed it and the problem has gone away, there's >> nothing to be learned now. >> > > yes, the invalid IP was on purpose, to disable the access to the domain's > website. > The point is, should pdns return SERVFAIL for ALL records because i inserted > an invalid IP ADDRR in the domain's A record ? > Shouldn't pdns just return the IP as it was inserted? >
An 'A' RR is DNS is not just a database entry which can contain anything at all; it has a defined format and valid values. It should not be surprising to hear that PowerDNS Auth treated the entire zone as invalid when it found an invalid A record value in the zone. There's a very good chance that it is not actually possible for it to return '185.99.65.7777' in a response to a query for an A record, since there are only 32 bits in the RDATA field for records of type 'A'.
_______________________________________________ Pdns-users mailing list Pdns-users@mailman.powerdns.com https://mailman.powerdns.com/mailman/listinfo/pdns-users