Last modified: 2014-05-22 19:01:44 UTC
$ dig @ns0.wikimedia.org wikimedia.org axfr [...] ;; XFR size: 1038 records (messages 13, bytes 27468) The same for wikipedia.org, wmflabs.org, etc. I'm not sure if this is intended but generally this would get frowned upon or something.
If I understand correctly, if this is a valid issue then it's a security one, so moving to the security area. Feel free to move it back if I'm wrong.
At this time, we make all of our dns configurations public, so this is actually intentional. Our ops director (CT) just confirmed it again with me. I'll make this bug public, in case anyone else is curious about it. Thanks for the report Jimmy. I'd much rather close it wontfix instead of not knowing about it.
Not sure what've changed, but now transfers no longer work. ; <<>> DiG 9.9.2-P2 <<>> @ns0.wikimedia.org wikimedia.org axfr ; (1 server found) ;; global options: +cmd ; Transfer failed. Checked the server admin log and got nothing, so popping up here for some ideas :)
The new software that we use doesn't support AXFRs at all. All the zone files are in a public git (and gerrit) repository now, though: https://git.wikimedia.org/summary/?r=operations/dns