Hi Julien Yes, we are experiencing the same issues recently with ptr-requests forwarded to the iana blackhole nameservers.
# dig -x 10.0.0.100 @blackhole-1.iana.org ;; global options: +cmd ;; connection timed out; no servers could be reached We now configured our nameservers to respond to those requests immediately without sending the queries to internet servers, which they shouldn't do anyway for RFC1918 IPs [1][2] Regards, Christian [1] https://deepthought.isc.org/article/AA-00800/0 [2] https://www.iana.org/help/abuse-answers -> Information about "Blackhole" Servers 2016-10-27 16:13 GMT+02:00 <m...@mbuf.net>: > Hi, > are there some people experiencing issues on some AS when using > iana blackhole nameservers for localnets? > > I usually meet this response for instance: > dig 172.16.1.1 @blackhole-1.iana.org > ;; global options: +cmd > ;; Got answer: > ;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 34667 > ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 > ;; WARNING: recursion requested but not available > > ;; OPT PSEUDOSECTION: > ; EDNS: version: 0, flags:; udp: 4096 > ;; QUESTION SECTION: > ;172.16.1.1. IN A > > ;; Query time: 46 msec > ;; SERVER: 192.175.48.6#53(192.175.48.6) > ;; WHEN: Thu Oct 27 16: > > > But I don't get any reply packet on AS8220 (COLT). > dig 172.16.1.1 @blackhole-1.iana.org > ;; global options: +cmd > ;; connection timed out; no servers could be reached > > thank you. > > -- > |_|0|_| julien mabillard > |_|_|0| OpenPGP key fingerprint : F009 EFD0 8060 50FE DE07 4953 0E57 5BB0 > 8284 EF08 > |0|0|0| > > > _______________________________________________ > swinog mailing list > swinog@lists.swinog.ch > http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog _______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
