I don't see any Mikrotik here...
----- Mike Hammett Intelligent Computing Solutions Midwest Internet Exchange The Brothers WISP ----- Original Message ----- From: "Jaime Solorza" <[email protected]> To: "Animal Farm" <[email protected]> Sent: Saturday, October 29, 2016 10:30:38 AM Subject: Re: [AFMUG] google dns No Ken that's me as well... I skip all the Mikrotik posts.... Yawn On Oct 29, 2016 9:22 AM, "Ken Hohhof" < [email protected] > wrote: Am I the only one that can’t follow what you are talking about? From: Af [mailto: [email protected] ] On Behalf Of David Milholen Sent: Saturday, October 29, 2016 10:18 AM To: [email protected] Subject: Re: [AFMUG] google dns Yes, And I monitor the list of ips it bans. These bans are from our dns server only. If I turn off the rule asc with all DNS server bans then the command functions as normal. Somewhere in that list there is a misbehaving ip asc with the ability to resolve from google dns On 10/28/2016 6:51 PM, Paul Stewart wrote: <blockquote> Most IDS systems have logs that you could search through and find the look up … should give you a clue … is that what you’re asking? <blockquote> On Oct 28, 2016, at 7:28 PM, David Milholen <[email protected]> wrote: Ok, I have some happy IDS components that seem to stopping google dns from completing a lookup to our website. How can I find out what ips are being blocked from making the trip? I am not sure a traceroute is going to do it. I dont have an issue getting to google. google-dns is having an issue finding our dns. This is what I get with the commands I run nslookup wletc.com 8.8.8.8 Server: 8.8.8.8 Address: 8.8.8.8#53 ** server can't find wletc.com : SERVFAIL When I disable the firewall rule that drops the bad IPs this is what I get. nslookup wletc.com 8.8.8.8 Server: 8.8.8.8 Address: 8.8.8.8#53 Non-authoritative answer: Name: wletc.com Address: 162.212.24.50 What ip addresses are causing the lookup to fail?? -- <Mail Attachment.jpeg> </blockquote> -- </blockquote>
