This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/ripe-atlas@ripe.net/
[atlas] Strong doubts about the option "DNS recursion"
- Previous message (by thread): [atlas] Strong doubts about the option "DNS recursion"
- Next message (by thread): [atlas] Strong doubts about the option "DNS recursion"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Stephane Bortzmeyer
bortzmeyer at nic.fr
Fri Oct 25 12:41:32 CEST 2013
On Fri, Oct 25, 2013 at 12:15:28PM +0200, Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote a message of 35 lines which said: > {'definitions': [{'query_class': 'IN', 'use_probe_resolver': True, 'af': 4, 'query_argument': 'd7b16b2a97627e8ccbcccf93e773ec3f.cosmogol.fr', 'query_type': 'TXT', 'type': 'dns', 'is_oneoff': True, 'recursion_desired': False, 'description': 'DNS resolution of d7b16b2a97627e8ccbcccf93e773ec3f.cosmogol.fr'}], 'probes': [{'requested': 10, 'type': 'area', 'value': 'WW'}]} I created a second domain by the same method, changed only the recursion_desired option and got exactly the same result (measurement #1034374): {'definitions': [{'query_class': 'IN', 'use_probe_resolver': True, 'af': 4, 'query_argument': 'ea4f6f5b9176b3d55061e5bd85410c1b.cosmogol.fr', 'query_type': 'TXT', 'type': 'dns', 'is_oneoff': True, 'recursion_desired': True, 'description': 'DNS resolution of ea4f6f5b9176b3d55061e5bd85410c1b.cosmogol.fr'}], 'probes': [{'requested': 10, 'type': 'area', 'value': 'WW'}]} So, it seems as if recursion_desired is ignored and the reality is that the RD bit is always set. By the way, this investigation was done because some people, to monitor the content of the DNS caches, use open resolvers (<https://indico.dns-oarc.net//getFile.py/access?contribId=7&resId=1&materialId=slides&confId=1> and <http://samarudge.github.io/dnsyo/>) and I tought it would be better to use Atlas probes. But the tests may have to be run without RD, otherwise you risk "poisoning" the caches, if you use the measurement to test a hijacking, for instance, as in the first example mentioned.
- Previous message (by thread): [atlas] Strong doubts about the option "DNS recursion"
- Next message (by thread): [atlas] Strong doubts about the option "DNS recursion"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]