[wplug] Very strange DNS activity

Thu Jul 28 14:40:43 EDT 2005

On Jul 28, 2005, at 11:09 AM, Bill Moran wrote:

> Patrick Wagstrom <pwagstro at andrew.cmu.edu> wrote:
>
>
>> On Thu, 2005-07-28 at 12:40 -0400, Bill Moran wrote:
>>
>>> I'd be grateful to anyone who can explain what the government is  
>>> doing with
>>> their DNS.  It appears as if www.treas.gov is an alias for
>>> treas.tpaq.treasury.gov, but treas.tpaq.treasury.gov does not have a
>>> DNS record.
>>>
>>> However, if you go to www.treas.gov in a web browser, all works  
>>> well.
>>>
>>> Anyone have enough DNS-fu to explain this oddity?
>>>
>>
>> Looks like a problem with your setup.  Everything looks kosher here.
>>
>
> [snip]
>
> Looks like it was a transient problem, as I can no longer reproduce  
> it.
>
> I suspected this might be the case, since the expiry times on the  
> records
> was set to 20 seconds (which is normally insane, but a nice idea while
> switching DNS entries around).

[snip]

The following may be an indication of an understaffing issue? Anyway,  
it probably means that they are changing records and you got caught  
in a propagation snafu.

http://www.dotgov.gov/
--
NOTICE: All unpaid .Gov domain names must be paid for via credit card  
ASAP or they will be subject to service interruption.
You have reached the General Services Administration (GSA) website  
for domain name registration for the U.S. government. Since 1997, we  
have been proud to manage the .gov and .fed.US top-level domains.

--

There is a whois record webtool at that site. My command line "whois  
treas.gov" keeps giving "whois: gov.whois-servers.net: connect:  
Connection timed out"

https://www.dotgov.gov/whois.aspx
Currently, TREAS.GOV is not available for registration.
TREAS.GOV
Department of the Treasury
TTB
Domain Name: TREAS.GOV
Status: Active
Technical POC:
(703) 747-9222

Domain servers in listed order:
NS1.TREAS.GOV   199.196.144.3
NS2.TREAS.GOV   199.196.144.4
NS21.TREAS.GOV   199.196.132.3

To follow up on strange DNS information it is good to do your 'dig'  
against a name server that you get from whois. This gave me the same  
ANSWER SECTION as Patrick, as it should.

Devin --No master of DNS-fu -- you now know my main move -- Drew

$ dig @NS1.TREAS.GOV www.treas.gov

; <<>> DiG 9.3.0 <<>> @NS1.TREAS.GOV www.treas.gov
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61003
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;www.treas.gov.                 IN      A

;; ANSWER SECTION:
www.treas.gov.          10      IN      CNAME   treas.tpaq.treasury.gov.
treas.tpaq.treasury.gov. 30     IN      A       66.77.70.101

;; AUTHORITY SECTION:
tpaq.treasury.gov.      84896   IN      NS      st3dns.usmint.gov.
tpaq.treasury.gov.      84896   IN      NS      dn3dns.usmint.gov.

;; ADDITIONAL SECTION:
dn3dns.usmint.gov.      2096    IN      A       66.77.122.131
st3dns.usmint.gov.      2096    IN      A       208.45.143.103

;; Query time: 106 msec
;; SERVER: 199.196.144.3#53(NS1.TREAS.GOV)
;; WHEN: Thu Jul 28 11:00:23 2005
;; MSG SIZE  rcvd: 162