Hi Ask.
There seems to be a problem with the pool DNS servers that prevents name
resolution for *.pool.ntp.org with resolvers using 0x20 encoding[1].
The nameservers answer all-lowercase queries:
$ dig +norec pool.ntp.org @a.ntpns.org
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38764
;; flags: qr aa; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0
[...]
But they return SERVFAIL if the query name contains any upper-case
characters:
$ dig +norec Pool.ntp.org @a.ntpns.org
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 29917
;; flags: qr; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
[...]
As far as I can see, all pool nameservers are affected.
[1] random mixed-cases queries to increase the difficulty for cache
poisoning: http://tools.ietf.org/html/draft-vixie-dnsext-dns0x20-00
Hauke.
_______________________________________________
pool mailing list
[email protected]
http://lists.ntp.org/listinfo/pool
