IANA Blackhole Servers Ill?

Crist Clark crist.clark at globalstar.com
Fri Oct 21 21:53:32 UTC 2005


John van Oppen wrote:
> It is probably important to know that those servers are anycasted via the AS112 project (www.as112.net).   Perhaps the AS112 operator you are seeing is having issues.  You could try to identify which one and let them know.

Three things:

1) At least one other person reports the same problem.

2) They've been going up and down, so even if you go check and it
    works that one time, you may have caught it up.

3) I'd try to ask it which anycast instance it is, but both are
    sending ICMP unreachables at the moment. A traceroute says,

	traceroute to 192.175.48.42 (192.175.48.42), 64 hops max, 44 byte packets
	[snip]
	 6  p4-3-0.RAR2.SanJose-CA.us.xo.net (65.106.5.161)  34.390 ms  5.774 ms  5.280 ms
	 7  p1-0.IR1.PaloAlto-CA.us.xo.net (65.106.5.178)  44.123 ms  21.508 ms  5.672 ms
	 8  207.88.240.70.ptr.us.xo.net (207.88.240.70)  5.473 ms  26.629 ms  14.045 ms
	 9  ix-4-6.core3.PDI-PaloAlto.Teleglobe.net (207.45.196.66)  6.637 ms  10.697 ms  5.863 ms
	10  blackhole-2.iana.org (192.175.48.42)  6.547 ms  6.561 ms  8.935 ms

   I don't have a BGP view of the world from XO, our provider on
   this link. Anyone know which instance that is? It's "close" to
   Palo Alto? From,

	http://public.as112.net/node/2

   My best guess is ISC? But F-Root seems to be OK from here, FWIW, and
   a traceroute to F doesn't jump through that IX.

> -----Ursprüngliche Nachricht-----
> Von: Peter Dambier [mailto:peter at peter-dambier.de] 
> Gesendet: Friday, October 21, 2005 2:20 PM
> An: crist.clark at globalstar.com
> Cc: nanog
> Betreff: Re: IANA Blackhole Servers Ill?
> 
> 
> To me they do answer:
> 
> ; <<>> DiG 9.1.3 <<>> -t any 10.in-addr.arpa. @blackhole-1.iana.org.
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20469
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
> 
> ;; QUESTION SECTION:
> ;10.in-addr.arpa.               IN      ANY
> 
> ;; ANSWER SECTION:
> 10.in-addr.arpa.        604800  IN      SOA     prisoner.iana.org. hostmaster.root-servers.org.\
>                                                  2002040800 1800 900 604800 604800
> 10.in-addr.arpa.        604800  IN      NS      blackhole-1.iana.org.
> 10.in-addr.arpa.        604800  IN      NS      blackhole-2.iana.org.
> 
> ;; Query time: 113 msec
> ;; SERVER: 192.175.48.6#53(blackhole-1.iana.org.)
> ;; WHEN: Fri Oct 21 23:15:39 2005
> ;; MSG SIZE  rcvd: 162
> 
> 
> ; <<>> DiG 9.1.3 <<>> -t any 10.in-addr.arpa. @blackhole-2.iana.org.
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43116
> ;; flags: qr aa rd; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
> 
> ;; QUESTION SECTION:
> ;10.in-addr.arpa.               IN      ANY
> 
> ;; ANSWER SECTION:
> 10.in-addr.arpa.        604800  IN      SOA     prisoner.iana.org. hostmaster.root-servers.org.\
>                                                  2002040800 1800 900 604800 604800
> 10.in-addr.arpa.        604800  IN      NS      blackhole-1.iana.org.
> 10.in-addr.arpa.        604800  IN      NS      blackhole-2.iana.org.
> 
> ;; Query time: 112 msec
> ;; SERVER: 192.175.48.42#53(blackhole-2.iana.org.)
> ;; WHEN: Fri Oct 21 23:15:49 2005
> ;; MSG SIZE  rcvd: 162
> 
> 
> Regards,
> Peter and Karin Dambier
> 
> 
> Crist Clark wrote:
> 
>>We got some very weird compaints about applications "hanging." Tracked
>>it down to reverse lookups timing out. Reverse lookups to RFC1918 space.
>>Looks like the IANA blackhole servers for RFC1918 are not well?
>>
>>  1   0.00000 207.88.152.10 -> 192.175.48.6 DNS C 
>>52.143.18.172.in-addr.arpa. Internet PTR ?
>>  2   0.01375 192.175.48.6 -> 207.88.152.10 ICMP Destination unreachable 
>>(UDP port 53 unreachable)
>>  3   0.68455 207.88.152.10 -> 192.175.48.6 DNS C 
>>111.143.18.172.in-addr.arpa. Internet PTR ?
>>  4   0.00529 192.175.48.6 -> 207.88.152.10 ICMP Destination unreachable 
>>(UDP port 53 unreachable)
>>  5   3.00417 207.88.152.10 -> 192.175.48.42 DNS C 
>>111.143.18.172.in-addr.arpa. Internet PTR ?
>>  6   0.00548 192.175.48.42 -> 207.88.152.10 ICMP Destination 
>>unreachable (UDP port 53 unreachable)
>>  7   0.68462 207.88.152.10 -> 192.175.48.42 DNS C 
>>69.160.18.172.in-addr.arpa. Internet PTR ?
>>  8   0.00623 192.175.48.42 -> 207.88.152.10 ICMP Destination 
>>unreachable (UDP port 53 unreachable)
>>  9   0.60348 207.88.152.10 -> 192.175.48.6 DNS C 
>>52.143.18.172.in-addr.arpa. Internet PTR ?
>> 10   0.00523 192.175.48.6 -> 207.88.152.10 ICMP Destination unreachable 
>>(UDP port 53 unreachable)
>>
>>Looks like the hosts are up but not listening on 53/udp? Anyone else
>>seeing this? Heard about it?
>>
>>(Of course, the fix is to claim authority for the RFC1918 space you are
>>using in your own DNS servers.)
> 
> 
> 


-- 
Crist J. Clark                               crist.clark at globalstar.com
Globalstar Communications                                (408) 933-4387

The information contained in this e-mail message is confidential,
intended only for the use of the individual or entity named above.
If the reader of this e-mail is not the intended recipient, or the
employee or agent responsible to deliver it to the intended recipient,
you are hereby notified that any review, dissemination, distribution or
copying of this communication is strictly prohibited.  If you have
received this e-mail in error, please contact postmaster at globalstar.com



More information about the NANOG mailing list