This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[dns-wg] [mat-wg] NSID option on the RIPE Atlas SOA measurements of the root servers

Previous message (by thread): [dns-wg] [mat-wg] NSID option on the RIPE Atlas SOA measurements of the root servers

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Andrea Barberio insomniac at slackware.it
Mon Jul 24 19:57:21 CEST 2017

On Thu, Jul 20, 2017 at 02:20:39PM +0200,
 Chris Amin <camin at ripe.net> wrote 
 a message of 90 lines which said:

>> it would be useful to have SOA queries from all probes with the NSID
>> EDNS option set, in order to be able to match up responses with the
>> particular responding instances

> It is also useful to detect rogue root name servers (quite common with
> anycast) or transparent DNS proxies. (Measurement #9209448 finds
> several probes asking a rogue L-root, which has no NSID support, or
> located behind a middlebox which strips NSID. Check probes
> 23621,19770, 24890, 26328, 27059, 27080, 27843, 33806, 21570,14272,
> 13660, 17775, 17841, 26587, 30847, 11410, 23438, 29814, 13719, 21140,
> 25189, 25197. For some, the SOA serial number is so old that it is
> probably a rogue root name server. Also, one probe, 28846, finds a
> server replying with an abnormal NSID, which is not the normal from
> L-root.)

I also find useful to match id.server./hostname.bind. queries against the
NSID results (à-la-nsidenumerator, see flag --id-server, https://github.com/insomniacslk/nsidenumerator )

Previous message (by thread): [dns-wg] [mat-wg] NSID option on the RIPE Atlas SOA measurements of the root servers

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ dns-wg Archives ]