Latest news of the domain name industry

Recent Posts

Victims of first confirmed new gTLD collision respond: “Fuck Google”

Kevin Murphy, September 12, 2014, 10:22:31 (UTC), Domain Registries

A number of companies have experienced errors on their networks due to collisions with a newly introduced gTLD.
The initial outcry from victims can be characterized as a storm of profanity, which it could be argued is a good thing for security but not great for ICANN’s reputation.
The collisions, which I believe are the first to be publicly and widely reported, are due to Google’s new gTLD .prod, which was delegated September 1.
Google intends to use the TLD as a shorthand for “product”, but it seems some companies use it internally to mean “production”, meaning production servers rather than testing or development servers.
Issues started being reported on online fora on September 3, with Google unfairly bearing the brunt of the initial blame. Here are a few of the earliest examples from Twitter:


A day later, Reddit user “cunttard”, under a post entitled “Fuck Google”, wrote:

Google recently activated prod. TLD.
They also decided to wildcard DNS all entries to 127.0.53.53 to resolve name collisions for internal organisations. All because they wanted .prod for product? Why not fucking request .product?
The implications have been fucking horrendous. I am in the process of helping a mate unfuck his organisations DNS, which heavily relied on resolver search $FQDN to map xyz.prod to xyz.prod.$FQDN. Note this wasn’t even used as an internal TLD. Now they’re all resolving short names to 127.0.53.53. Lesson learnt; always use FQDN everywhere.
I’m just fucking sick of ICANN / Google continuing to fuck DNS.

LinuxQuestions user “fantasygoat” started a thread entitled “New tLD .prod is messing with my configs”, in which he wrote:

I used to be able to refer to just the subdomain in a DNS lookup, like “www1.prod” and it would know I meant “www1.prod.example.com”, my local domain. I’ve been using prod.example.com for decades as the production subdomain for various things.
Now it resolves to 127.0.53.53, which I believe is ICANN’s hack DNS answer for tLDs.
So, I have a bunch of config files without the domain name and it’s messing stuff up. Does anyone have a workaround so I can have my DNS respond to .prod requests as a subdomain of my domain?

I’ve found a couple of other examples on various mailing lists and web forums with systems administrators experiencing similar issues over the last week.
This, it seems to me, shows that ICANN’s hack for mitigating the risks of name collisions, developed by JAS Advisors, is working as expected.
In each reported case of a .prod collision I’ve been able to find, the admin either had already worked out that he needed to use a fully-qualified domain name (eg www.prod.example.com instead of www.prod) or was swiftly advised to do so by those responding to his post.
Most seem to have spotted that instead of returning NXDOMAIN errors, Google is returning the IP address 127.0.53.53, which was chosen because it’s an internal IP and because 53 is the TCP/IP port number for DNS.
Diverting to 127.0.53.53 is designed to catch the eye, alerting admins to the need to correctly configure their networks.
It certainly seems to be doing that, but it’s not winning ICANN or new gTLD registries any new friends.
Nobody has yet reported death or injury due to a collision.
Update: There has been one previously reported collision, concerning .guru.

Tagged: , ,

Comments (7)

  1. Tom Cooper says:

    ” I am in the process of helping a mate unfuck his organisations DNS, which heavily relied on resolver search $FQDN to map xyz.prod to xyz.prod.$FQDN”
    Are you going to tell him or shall I?

  2. It makes a change from the usual com/co or .net/.ne typos that normally appear in the zonefiles. Perhaps Google is the new Microsoft.

  3. Chris Hills says:

    The real issue is that ICANN has not reserved any top level domains for private use (in the same way that 192.168.0.0/16 is reserved for private networks).

  4. BLACKHAT says:

    google thinks it owns the internet and ICANN thinks it knows something, for both of them they can fuck yourself or together.

Add Your Comment