misbehaving DNS resolvers

Peter van Dijk peter at dataloss.nl
Sat Dec 21 14:22:32 UTC 2002


On Sat, Dec 21, 2002 at 02:26:36AM +0100, Peter van Dijk wrote:
> over the last week I have been seeing more and more resolvers (all
> that I know about are BIND but I'm not drawing conclusions yet) send
> my nameservers more and more *identical* queries, a *lot* of them.
> 
> Just to keep it short: take a look at
> http://www.dataloss.nl/dnsoffenders/ and
> http://www.dataloss.nl/dnsoffenders2/
> 
> If you notice any of your boxes in those lists with a high query count
> (dnsoffenders is measured over about 60-80 minutes, dnsoffenders2 is
> more like 30 minutes) please contact me. Thank you.

Vincent Schonau reports that 'fetch-glue no;' in the BIND config seems
to help (on BIND 8.3.4). If you are listed on my page, please try this
configuration option, wait for a stats update and see if it helps.

Thank you.

Greetz, Peter
-- 
peter at dataloss.nl  |  http://www.dataloss.nl/  |  Undernet:#clue
http://www.blinkenlights.nl/party/ - birthday party (page in Dutch)
all geeks invited - send mail to party at blinkenlights.nl for more info



More information about the NANOG mailing list