-1

I found two strange DNS entry in the *.bnl top-level domain. First,

Running dig bnl. a ; dig bnl. mx results in:

bnl.    3600    IN    A     127.0.53.53
bnl.    3600    IN    MX    10 your-dns-needs-immediate-attention.bnl.

This is strange for two reasons:

  1. TLDs normally don't have an A record. Also, it points to an IP within the loopback IP range.
  2. TLDs normally don't have an MX entry. Also, the MX record is obviously designed to get some administrator's attention.

What is going wrong here? Did some administrator misconfigure their TLD?

vog
  • 23,517
  • 11
  • 59
  • 75

2 Answers2

1

There is nothing wrong with it, it's just in the process of being brought online. If you do a TXT lookup on it you get a nice URL to follow where you can read all about what's going on:

Kadath:~$ dig txt bnl. +short
"your dns configuration needs immediate attention see https://icann.org/namecollision"

Edit: The point of what you see is to give anyone using the upcoming TLD for their own purposes a heads-up that their setup is about to break. The A record, for example, uses the address 127.0.53.53 since that is in the 127.0.0.0/8 localhost block (so traffic sent there will not disturb anyone else) while using the DNS port number as a hint about what's going on.

Calle Dybedahl
  • 5,228
  • 2
  • 18
  • 22
  • Okay, so this warning is meant to appear on any organization that uses internally a "bnl" toplevel domain, which now resolves outside the world. Is that correct? (If so, would you mind clarifying that in your answer?) – vog Aug 08 '15 at 20:04
0

I would suggest that since the TLD is valid and resolves, with DNSSEC, all the way from the root:

root@ent01:/etc/bind# dig +trace bnl.

; <<>> DiG 9.9.5-3ubuntu0.4-Ubuntu <<>> +trace bnl.
;; global options: +cmd
.                       478397  IN      NS      a.root-servers.net.
.                       478397  IN      NS      m.root-servers.net.
.                       478397  IN      NS      g.root-servers.net.
.                       478397  IN      NS      c.root-servers.net.
.                       478397  IN      NS      b.root-servers.net.
.                       478397  IN      NS      l.root-servers.net.
.                       478397  IN      NS      f.root-servers.net.
.                       478397  IN      NS      j.root-servers.net.
.                       478397  IN      NS      k.root-servers.net.
.                       478397  IN      NS      h.root-servers.net.
.                       478397  IN      NS      e.root-servers.net.
.                       478397  IN      NS      i.root-servers.net.
.                       478397  IN      NS      d.root-servers.net.
;; Received 239 bytes from 208.67.222.222#53(208.67.222.222) in 303 ms

bnl.                    172800  IN      NS      c0.nic.bnl.
bnl.                    172800  IN      NS      b0.nic.bnl.
bnl.                    172800  IN      NS      a2.nic.bnl.
bnl.                    172800  IN      NS      a0.nic.bnl.
bnl.                    86400   IN      DS      49953 7 2 C183F9CD6ECD80BF9CB0AFF9D8F3C21DC7D14D866967C51924D0F674 9A52B5BB
bnl.                    86400   IN      DS      49953 7 1 1A4FAA58FB885D0290D573ADDEABCAC75A547255
bnl.                    86400   IN      RRSIG   DS 8 1 86400 20150817170000 20150807160000 1518 . E7tbHUR9+Te+laSwBmPxDjPzdd+yoc+xtCB4cN2mG7maTXMAitkSrp9x 6kiwPknriSbE9JwvyCBTmUkR+BliHWC3BezBKbTQIpeyqWHeFjzaQ5ou z3br+hg1OTNuIwZTutDC++7+tMRRwSDM2NTUJo+GcZKMaNNCpYhd7/Vr Xzg=
;; Received 523 bytes from 192.112.36.4#53(g.root-servers.net) in 684 ms

bnl.                    3600    IN      A       127.0.53.53
bnl.                    3600    IN      RRSIG   A 7 1 3600 20150826073521 20150805063521 37410 bnl. CIf4p35OC136zABgXEZ/UvnLRZQw+vLSSeRiCJ2jbKxC3wMRzDj1x0Ym npii+AvJijMFlqm5I8VRNmcAq5cyDUY98twM/4bb6eKc/qtaszLjNnw9 WV8z3TibF0bZaqugNIpmh5PIM5P5yRSq0ToyxVLmKABuiSyn7RBseWbq lA8=
bnl.                    86400   IN      NS      b0.nic.bnl.
bnl.                    86400   IN      NS      c0.nic.bnl.
bnl.                    86400   IN      NS      a0.nic.bnl.
bnl.                    86400   IN      NS      a2.nic.bnl.
bnl.                    86400   IN      RRSIG   NS 7 1 86400 20150826073521 20150805063521 37410 bnl. SxOOfC2B4opb+Or9t+0GZCMF6ajA/uyFEXZNcXuLO9m4rREOT8K7n6l6 05CuwtFDD6LjK3vC9tbm9piXNJ0bh2qoeXjWRTCuGxeU+o7iyazA1Lx/ 1Ik7z/guZzRistMlRpkQKhF72G83jBf2Udm+biWq3jIFhnzD+Ntj4Z03 jKc=
;; Received 622 bytes from 65.22.65.1#53(b0.nic.bnl) in 52 ms

That it's "working as intended". Unless you know someone on the inside at Banca Nazionale del Lavoro, who owns the TLD, that says otherwise. It does, however, appear to be a fairly new zone, so they may simply have not completed a roll-out or are using it as a placeholder.

Rick Buford
  • 629
  • 3
  • 4