This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[dns-wg] [mat-wg] NSID option on the RIPE Atlas SOA measurements of the root servers
- Previous message (by thread): [dns-wg] [mat-wg] NSID option on the RIPE Atlas SOA measurements of the root servers
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Andrea Barberio
insomniac at slackware.it
Mon Jul 24 19:57:21 CEST 2017
On Thu, Jul 20, 2017 at 02:20:39PM +0200, Chris Amin <camin at ripe.net> wrote a message of 90 lines which said: >> it would be useful to have SOA queries from all probes with the NSID >> EDNS option set, in order to be able to match up responses with the >> particular responding instances > It is also useful to detect rogue root name servers (quite common with > anycast) or transparent DNS proxies. (Measurement #9209448 finds > several probes asking a rogue L-root, which has no NSID support, or > located behind a middlebox which strips NSID. Check probes > 23621,19770, 24890, 26328, 27059, 27080, 27843, 33806, 21570,14272, > 13660, 17775, 17841, 26587, 30847, 11410, 23438, 29814, 13719, 21140, > 25189, 25197. For some, the SOA serial number is so old that it is > probably a rogue root name server. Also, one probe, 28846, finds a > server replying with an abnormal NSID, which is not the normal from > L-root.) I also find useful to match id.server./hostname.bind. queries against the NSID results (à-la-nsidenumerator, see flag --id-server, https://github.com/insomniacslk/nsidenumerator )
- Previous message (by thread): [dns-wg] [mat-wg] NSID option on the RIPE Atlas SOA measurements of the root servers
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ dns-wg Archives ]