1. Akamai/ENT
について、ここに記述してください。
Contents
[dns-operations] Akamai now works with ENT (Empty Non-Terminals)?
経緯、関連の整理 https://lists.dns-oarc.net/pipermail/dns-operations/2019-April/018639.html
AkamaiのJoh Reedによる説明 https://lists.dns-oarc.net/pipermail/dns-operations/2019-April/018640.html
[dns-operations] Akamai now works with ENT (Empty Non-Terminals)? Jon Reed jreed at akamai.com Sun Apr 14 13:59:33 UTC 2019
The problem was specifically around the interaction between wildcards and ENTs. Correctly answering ENTs wasn't the hard part, the hard part was ensuring that we didn't break existing customer wildcard behavior (which because of a lack of ENTs, was not compliant with RFC 4592).
But my larger point was that explaining the concept of wildcards, closest enclosers, and empty-non-terminals to our customers was a NIGHTMARE.
Customers choose cloud providers specifically so they _don't_ have to be DNS experts, and it's a non-starter to have a conversation along the lines of "Well yes, I know your zone works fine on $OTHER_PROVIDER, but you see there are actually hundreds of invisible records in your zone which are interfering with your wildcard matching."
-Jon
まだ修正されていない。-- ToshinoriMaeno 2019-06-07 09:38:26
$ dig a95-100-176-188.deploy.akamaitechnologies.com @p5.akamaistream.net.
%dig a95-100-176-188.deploy.akamaitechnologies.com ; <<>> DiG 9.14.0 <<>> a95-100-176-188.deploy.akamaitechnologies.com ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63443 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1220 ;; QUESTION SECTION: ;a95-100-176-188.deploy.akamaitechnologies.com. IN A ;; ANSWER SECTION: a95-100-176-188.deploy.akamaitechnologies.com. 1800 IN A 95.100.176.188 ;; Query time: 291 msec ;; SERVER: 127.0.0.3#53(127.0.0.3) ;; WHEN: 金 6月 07 18:35:18 JST 2019 ;; MSG SIZE rcvd: 90
$ dig deploy.akamaitechnologies.com @p5.akamaistream.net. ; <<>> DiG 9.14.0 <<>> deploy.akamaitechnologies.com @p5.akamaistream.net. ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 34688 ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1 ;; WARNING: recursion requested but not available ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;deploy.akamaitechnologies.com. IN A ;; AUTHORITY SECTION: akamaitechnologies.com. 180 IN SOA internal.akamaistream.net. hostmaster.akamai.com. 1559044082 90000 90000 90000 180 ;; Query time: 5 msec ;; SERVER: 193.108.88.66#53(193.108.88.66) ;; WHEN: 金 6月 07 18:40:31 JST 2019 ;; MSG SIZE rcvd: 137