Open Resolver Problems

Jared Mauch jared at puck.nether.net
Wed Mar 27 13:56:57 UTC 2013


On Mar 27, 2013, at 8:47 AM, Nick Hilliard <nick at foobar.org> wrote:

> then use a vpn and/or provide that service to your users.  Sure, hotels and
> public access wifi does all sorts of stupid and obnoxious stuff, but the
> way to work around this is not by hardwiring your dns to some open resolver.

I've been in many a hotel where 4.2.2.1 is reachable with ttl=1

You must use a VPN or something else to get around places like that.

The hotel I'm typing from right now is even more broken..

Jareds-MacBook-Air:~ jared$ ping 4.2.2.1
PING 4.2.2.1 (4.2.2.1): 56 data bytes
64 bytes from 4.2.2.1: icmp_seq=0 ttl=53 time=17.159 ms
64 bytes from 4.2.2.1: icmp_seq=0 ttl=53 time=17.181 ms (DUP!)
64 bytes from 4.2.2.1: icmp_seq=1 ttl=53 time=16.787 ms
64 bytes from 4.2.2.1: icmp_seq=1 ttl=53 time=17.156 ms (DUP!)
64 bytes from 4.2.2.1: icmp_seq=2 ttl=53 time=22.056 ms
64 bytes from 4.2.2.1: icmp_seq=2 ttl=53 time=22.081 ms (DUP!)
^C

- Jared



More information about the NANOG mailing list