IANA Blackhole Servers Ill?

Peter Dambier peter at peter-dambier.de
Fri Oct 21 21:19:45 UTC 2005 

To me they do answer:

; <<>> DiG 9.1.3 <<>> -t any 10.in-addr.arpa. @blackhole-1.iana.org.
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20469
;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;10.in-addr.arpa.               IN      ANY

;; ANSWER SECTION:
10.in-addr.arpa.        604800  IN      SOA     prisoner.iana.org. hostmaster.root-servers.org.\
                                                 2002040800 1800 900 604800 604800
10.in-addr.arpa.        604800  IN      NS      blackhole-1.iana.org.
10.in-addr.arpa.        604800  IN      NS      blackhole-2.iana.org.

;; Query time: 113 msec
;; SERVER: 192.175.48.6#53(blackhole-1.iana.org.)
;; WHEN: Fri Oct 21 23:15:39 2005
;; MSG SIZE  rcvd: 162


; <<>> DiG 9.1.3 <<>> -t any 10.in-addr.arpa. @blackhole-2.iana.org.
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43116
;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;10.in-addr.arpa.               IN      ANY

;; ANSWER SECTION:
10.in-addr.arpa.        604800  IN      SOA     prisoner.iana.org. hostmaster.root-servers.org.\
                                                 2002040800 1800 900 604800 604800
10.in-addr.arpa.        604800  IN      NS      blackhole-1.iana.org.
10.in-addr.arpa.        604800  IN      NS      blackhole-2.iana.org.

;; Query time: 112 msec
;; SERVER: 192.175.48.42#53(blackhole-2.iana.org.)
;; WHEN: Fri Oct 21 23:15:49 2005
;; MSG SIZE  rcvd: 162


Regards,
Peter and Karin Dambier


Crist Clark wrote:
> 
> We got some very weird compaints about applications "hanging." Tracked
> it down to reverse lookups timing out. Reverse lookups to RFC1918 space.
> Looks like the IANA blackhole servers for RFC1918 are not well?
> 
>   1   0.00000 207.88.152.10 -> 192.175.48.6 DNS C 
> 52.143.18.172.in-addr.arpa. Internet PTR ?
>   2   0.01375 192.175.48.6 -> 207.88.152.10 ICMP Destination unreachable 
> (UDP port 53 unreachable)
>   3   0.68455 207.88.152.10 -> 192.175.48.6 DNS C 
> 111.143.18.172.in-addr.arpa. Internet PTR ?
>   4   0.00529 192.175.48.6 -> 207.88.152.10 ICMP Destination unreachable 
> (UDP port 53 unreachable)
>   5   3.00417 207.88.152.10 -> 192.175.48.42 DNS C 
> 111.143.18.172.in-addr.arpa. Internet PTR ?
>   6   0.00548 192.175.48.42 -> 207.88.152.10 ICMP Destination 
> unreachable (UDP port 53 unreachable)
>   7   0.68462 207.88.152.10 -> 192.175.48.42 DNS C 
> 69.160.18.172.in-addr.arpa. Internet PTR ?
>   8   0.00623 192.175.48.42 -> 207.88.152.10 ICMP Destination 
> unreachable (UDP port 53 unreachable)
>   9   0.60348 207.88.152.10 -> 192.175.48.6 DNS C 
> 52.143.18.172.in-addr.arpa. Internet PTR ?
>  10   0.00523 192.175.48.6 -> 207.88.152.10 ICMP Destination unreachable 
> (UDP port 53 unreachable)
> 
> Looks like the hosts are up but not listening on 53/udp? Anyone else
> seeing this? Heard about it?
> 
> (Of course, the fix is to claim authority for the RFC1918 space you are
> using in your own DNS servers.)


-- 
Peter and Karin Dambier
Public-Root
Graeffstrasse 14
D-64646 Heppenheim
+49-6252-671788 (Telekom)
+49-179-108-3978 (O2 Genion)
+49-6252-750308 (VoIP: sipgate.de)
mail: peter at peter-dambier.de
mail: peter at echnaton.serveftp.com
http://iason.site.voila.fr
http://www.kokoom.com/iason

More information about the NANOG mailing list