No Ken that's me as well... I skip all the Mikrotik posts.... Yawn On Oct 29, 2016 9:22 AM, "Ken Hohhof" <[email protected]> wrote:
> Am I the only one that can’t follow what you are talking about? > > > > *From:* Af [mailto:[email protected]] *On Behalf Of *David Milholen > *Sent:* Saturday, October 29, 2016 10:18 AM > *To:* [email protected] > *Subject:* Re: [AFMUG] google dns > > > > Yes, And I monitor the list of ips it bans. These bans are from our dns > server only. > > If I turn off the rule asc with all DNS server bans then the command > functions as normal. > > Somewhere in that list there is a misbehaving ip asc with the ability to > resolve from google dns > > > > > > On 10/28/2016 6:51 PM, Paul Stewart wrote: > > Most IDS systems have logs that you could search through and find the look up > … should give you a clue … is that what you’re asking? > > > > On Oct 28, 2016, at 7:28 PM, David Milholen <[email protected]> > <[email protected]> wrote: > > > > Ok, > > I have some happy IDS components that seem to stopping google dns from > completing a lookup to our website. > > How can I find out what ips are being blocked from making the trip? > > I am not sure a traceroute is going to do it. I dont have an issue getting > to google. > > google-dns is having an issue finding our dns. > > > > This is what I get with the commands I run > > nslookup wletc.com 8.8.8.8 > > Server: 8.8.8.8 > > Address: 8.8.8.8#53 > > > > ** server can't find wletc.com: SERVFAIL > > > > When I disable the firewall rule that drops the bad IPs this is what I get. > > nslookup wletc.com 8.8.8.8 > > Server: 8.8.8.8 > > Address: 8.8.8.8#53 > > > > Non-authoritative answer: > > Name: wletc.com > > Address: 162.212.24.50 > > > > What ip addresses are causing the lookup to fail?? > > > > -- > > <Mail Attachment.jpeg> > > > > > > -- >
