[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Open Resolver Problems

On Mar 25, 2013, at 11:44 AM, Valdis.Kletnieks at vt.edu wrote:

> On Mon, 25 Mar 2013 15:38:01 -0000, Nick Hilliard said:
>> On 25/03/2013 14:33, Mikael Abrahamsson wrote:
>>> I would like to be able to request an IP list of open resolvers in my ASN,
>>> perhaps sent to the contact details in RIPE whois database to make sure I'm
>>> not falsely representing that ASN.
>> Why would that matter?  This is publicly available information.
> Some of us have both publicly-facing authoritative DNS, and inward
> facing recursive servers that may be open resolvers but can't be
> found via NS entries (so the IP addresses of those aren't exactly
> publicly available info).

Scoping your responses based on query-source should work just fine in this case.

There's documentation on how to do that online here:


I highly recommend doing this with your name server.  If you have examples of how to do this you want to share and have me post, as I mentioned, please send me your edits and additions.  I want to make this valuable.

- Jared