Date: Tue June 10 2008
To: Report to Complience Committee and the TLD WG
Top Level Domain Association
From: Joe Baptista
Public Root Representative
Subject: UnifiedRoot resolution failure
A problem has existed for some time at the UnifiedRoot which will
jeopardize the ability of TLDs within that root system from
resolving.
If we visit their manual update page at,
http://www.unifiedroot.com/en/unifyme/unifyme_manually
we find a list of the UnifiedRoot recursive domain name servers.
Location Name Address
Europe ns1.unifiedroot.net 83.138.178.218
America ns2.unifiedroot.net 72.3.208.251
Asia Pacific ns3.unifiedroot.net 203.142.18.42
The first problem we encounter is that the unifiedroot.net domain
does not resolve. According to the DNS the unifiedroot.net has as
its primary and secondary NS the servers ns1.unifiedroot.com and
ns2.unifiedroot.com.
; <<>> DiG 9.4.1-P1 <<>> unifiedroot.net. ANY
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38978
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 0
;; QUESTION SECTION:
;unifiedroot.net. IN ANY
;; ANSWER SECTION:
unifiedroot.net. 172800 IN NS ns2.unifiedroot.com.
unifiedroot.net. 172800 IN NS ns1.unifiedroot.com.
;; AUTHORITY SECTION:
unifiedroot.net. 172800 IN NS ns1.unifiedroot.com.
unifiedroot.net. 172800 IN NS ns2.unifiedroot.com.
;; Query time: 621 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Jun 10 14:07:18 2008
;; MSG SIZE rcvd: 112
However when either server is questioned for data concerning
unifiedroot.net they refuse to answer.
; <<>> DiG 9.4.1-P1 <<>> @ns1.unifiedroot.com. unifiedroot.net. ANY
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 51569
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;unifiedroot.net. IN ANY
;; Query time: 112 msec
;; SERVER: 89.207.31.4#53(89.207.31.4)
;; WHEN: Tue Jun 10 14:10:25 2008
;; MSG SIZE rcvd: 33
; <<>> DiG 9.4.1-P1 <<>> @ns2.unifiedroot.com. unifiedroot.net. ANY
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 32100
;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;unifiedroot.net. IN ANY
;; Query time: 116 msec
;; SERVER: 89.207.31.7#53(89.207.31.7)
;; WHEN: Tue Jun 10 14:10:36 2008
;; MSG SIZE rcvd: 33
Also if we try to reach these servers via their listed IPv4 addresses,
being 83.138.178.218, 72.3.208.251 and 203.142.18.42, we find non of
these servers are operational.
; <<>> DiG 9.4.1-P1 <<>> @83.138.178.218 . ANY
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
; <<>> DiG 9.4.1-P1 <<>> @72.3.208.251 . ANY
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
; <<>> DiG 9.4.1-P1 <<>> @203.142.18.42 . ANY
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
Another problem is the unifiedroot root servers. They are all in the
domain unifiedroot.net. So of course since the domain does not resolve
it is impossible to find the root servers for the name servers labeled
a.unifiedroot.net through m.unifiedroot.net.
I was however able to get the IPv4 addresses for these root servers from
the IASON tests run by Peter Dambier. The servers names including their
IPv4 addresses are:
a.unifiedroot.net. 86400 IN A 207.97.237.208
b.unifiedroot.net. 86400 IN A 213.221.109.249
c.unifiedroot.net. 86400 IN A 81.177.20.66
d.unifiedroot.net. 86400 IN A 202.157.179.26
e.unifiedroot.net. 86400 IN A 196.31.65.163
f.unifiedroot.net. 86400 IN A 209.172.39.130
g.unifiedroot.net. 86400 IN A 212.43.240.19
h.unifiedroot.net. 86400 IN A 202.157.188.46
i.unifiedroot.net. 86400 IN A 202.157.181.80
j.unifiedroot.net. 86400 IN A 207.228.237.58
k.unifiedroot.net. 86400 IN A 202.157.191.72
l.unifiedroot.net. 86400 IN A 203.142.12.54
m.unifiedroot.net. 86400 IN A 80.67.98.99
I test each IP address for root activity and found that non of the
listed servers responded except for one, being k.unifiedroot.net at
IPv4 address 202.157.191.72. k.unifiedroot.net did respond with an
SOA dated December 30 2007.
The tests of each root follow:
; <<>> DiG 9.4.1-P1 <<>> @207.97.237.208 . ANY
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
; <<>> DiG 9.4.1-P1 <<>> @213.221.109.249 . ANY
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
; <<>> DiG 9.4.1-P1 <<>> @81.177.20.66 . ANY
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
; <<>> DiG 9.4.1-P1 <<>> @202.157.179.26 . ANY
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
; <<>> DiG 9.4.1-P1 <<>> @196.31.65.163 . ANY
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
; <<>> DiG 9.4.1-P1 <<>> @209.172.39.130 . ANY
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
; <<>> DiG 9.4.1-P1 <<>> @212.43.240.19 . ANY
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
; <<>> DiG 9.4.1-P1 <<>> @202.157.188.46 . ANY
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
; <<>> DiG 9.4.1-P1 <<>> @202.157.181.80 . ANY
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
; <<>> DiG 9.4.1-P1 <<>> @207.228.237.58 . ANY
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
; <<>> DiG 9.4.1-P1 <<>> @202.157.191.72 . ANY
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34514
;; flags: qr aa rd; QUERY: 1, ANSWER: 14, AUTHORITY: 0, ADDITIONAL: 13
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;. IN ANY
;; ANSWER SECTION:
. 86400 IN SOA a.unifiedroot.net.
hostmaster.unifiedroot.com. 2007123011 1800 900 604800 86400
. 86400 IN NS a.unifiedroot.net.
. 86400 IN NS b.unifiedroot.net.
. 86400 IN NS c.unifiedroot.net.
. 86400 IN NS d.unifiedroot.net.
. 86400 IN NS e.unifiedroot.net.
. 86400 IN NS f.unifiedroot.net.
. 86400 IN NS g.unifiedroot.net.
. 86400 IN NS h.unifiedroot.net.
. 86400 IN NS i.unifiedroot.net.
. 86400 IN NS j.unifiedroot.net.
. 86400 IN NS k.unifiedroot.net.
. 86400 IN NS l.unifiedroot.net.
. 86400 IN NS m.unifiedroot.net.
;; ADDITIONAL SECTION:
a.unifiedroot.net. 86400 IN A 207.97.237.208
b.unifiedroot.net. 86400 IN A 213.221.109.249
c.unifiedroot.net. 86400 IN A 81.177.20.66
d.unifiedroot.net. 86400 IN A 202.157.179.26
e.unifiedroot.net. 86400 IN A 196.31.65.163
f.unifiedroot.net. 86400 IN A 209.172.39.130
g.unifiedroot.net. 86400 IN A 212.43.240.19
h.unifiedroot.net. 86400 IN A 202.157.188.46
i.unifiedroot.net. 86400 IN A 202.157.181.80
j.unifiedroot.net. 86400 IN A 207.228.237.58
k.unifiedroot.net. 86400 IN A 202.157.191.72
l.unifiedroot.net. 86400 IN A 203.142.12.54
m.unifiedroot.net. 86400 IN A 80.67.98.99
;; Query time: 285 msec
;; SERVER: 202.157.191.72#53(202.157.191.72)
;; WHEN: Tue Jun 10 14:26:04 2008
;; MSG SIZE rcvd: 496
; <<>> DiG 9.4.1-P1 <<>> @203.142.12.54 . ANY
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
; <<>> DiG 9.4.1-P1 <<>> @80.67.98.99 . ANY
; (1 server found)
;; global options: printcmd
;; connection timed out; no servers could be reached
--
Joe Baptista
www.publicroot.org
PublicRoot Consortium
----------------------------------------------------------------
The future of the Internet is Open, Transparent, Inclusive,
Representative & Accountable to the Internet community @large.
----------------------------------------------------------------
Office: +1 (360) 526-6077 (extension 052)
Fax: +1 (509) 479-0084