[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Open Resolver Problems

On Mon, 25 Mar 2013 23:19:31 -0400, Christopher Morrow said:

> > Some of us have both publicly-facing authoritative DNS, and inward
> > facing recursive servers that may be open resolvers but can't be
> > found via NS entries (so the IP addresses of those aren't exactly
> > publicly available info).
> 'virginia tech dns configuration' into the webcrawler and:
> https://computing.vt.edu/content/dns-addresses

Just proving my point - you didn't find the webpage that also lists
their IPv6 addresses. :)

Now explain how you find a recursive nameserver that isn't listed in an NS
entry and *hasn't* been publicized someplace that Google can find it.

> also
> ; <<>> DiG 9.7.0-P1 <<>> @ www.google.com

That might, must *might* mind you, be somewhat tangentially related
to why I asked Jared what the BCP is for dealing with mobile devices
with hardcoded DNS lists. :)

(Otherwise read as "we'll be glad to fix it if somebody has a brilliant
idea on how to do so without generating more calls to the help desk than
the near-zero rate we currently get about DNS amplification  issues"....)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 865 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20130326/01b87b5b/attachment.bin>