Hi,
First, I want to thank Shaun and Sandy for truly useful replies. Next, below
is a response from someone at Comcast – presumably an engineer of some sort.
I’m trying to fit together his comments (I find his tone pretty argumentative)
with the points made here. For examples, Shaun seems to have shown that
Comcast can intercept A-calls and I know that Comcast told me three years ago
they intercept some calls, and yet here is this guy claiming it’s impossible.
One thing Spencer has correct is a problem with ns1.xname.org. I have
secondary DNS services set up with xname and twisted4life and I noticed last
week that of the three xname servers (ns0, ns1, ns2), ns1 frequently had an old
serial number. One day it would be 131 or something similar, which is about
correct, and then the next day it would be 120, which is old. So last weekend
I removed all references to ns1 (but kept ns0 and ns2 as secondaries) from our
server and the registrar accounts. Really, by the time Spencer wrote to me
yesterday afternoon, he shouldn’t have seen any references to ns1.xname.org.
Any comments?
Thanks,
Ben
From: Jones, Spencer
Sent: Wednesday, November 21, 2012 2:39 PM
To: b...@bcwebhost.net
Cc: Self, Andrew
Subject: FW: DNS zone files for BC Web LLC (Ben Bednarz)
Sir,
As to what you have below. Your MX record does point to a host
name, but then that subdomain that does point to an A record and should ONLY
point to an A record has an MX record of its own. This is NOT set up correctly,
and WILL create issues. As far as our DNS servers intercepting DNS request
traffic. That is not possible. If I make a DNS request it will go to 8.8.8.8,
and if that server does not know the answer it goes to one of the 13 ROOT
servers, then if the root server does not know the IP it goes to the TLD
servers, they know the NS of the domain and go to that IP to get the answer if
they do not know it. That is it, our servers can not and would have no way to
know what traffic is going across the Comcast network, and then pull in packets
that are DNS requests. Tens of thousands of people on Comcast’s network run
DNS servers, including me and I do not have an issue. I bind to NASA’s ROOT
server and everything pulls from there. I also host a Name Server on the
network and never have I had a request answered by another NS. How do you
suspect that our servers intercept traffic meant for your IP address, but only
yours and only if it is a DNS request, and not any other traffic? Please show
the 2 domain query’s below to your DNS expert and see if he feels that is
correct that the subdomain points to itself. I am sorry you are having this
issue but forward records of zone files we do not host CAN NOT be our issue,
and in no way can ANY DNS server intercept a packet meant for another IP
address. I see five name servers below for this domain and when I look up
mail.bcwebhost.net on ns1.xname.org it gives me the answer of
mail2.bcwebhost.net. So I found your issue and as I said it is NOT a Comcast
one.
Query: bcwebhost.net. Query type: Any record
Recursive query: Yes Authoritative answer: Yes
Query time: 188 ms. Server name: n/a
Answer:
bcwebhost.net. 43200 A 173.164.65.201
bcwebhost.net. 43200 NS bcw4.bcwebhost.net.
bcwebhost.net. 43200 NS ns0.xname.org.
bcwebhost.net. 43200 NS ns2.xname.org.
bcwebhost.net. 43200 NS ns1.twisted4life.com.
bcwebhost.net. 43200 SOA bcw4.bcwebhost.net.
administrator.bcwebhost.net.
133
; serial
21600
; refresh (6 hours)
3600
; retry (1 hour)
2419200
; expire (28 days)
43200
; minimum (12 hours)
bcwebhost.net. 43200 MX 0 mail.bcwebhost.net.
bcwebhost.net. 43200 TXT "v=spf1 a mx a:bcw5, a:bcw6,
a:mail1 ip4:73.164.65.192/28 -all"
Additional:
bcw4.bcwebhost.net. 43200 A 173.164.65.197
ns2.xname.org. 19 A 88.191.64.64
ns1.twisted4life.com. 1224 A 202.157.182.142
mail.bcwebhost.net. 43200 A 173.164.65.200
ns1.xname.org. 600 A 178.33.255.252
ns0.xname.org. 600 A 195.234.42.1
Query: mail.bcwebhost.net. Query type: Any record
Recursive query: Yes Authoritative answer: Yes
Query time: 125 ms. Server name: ns1.xname.org
Answer:
mail.bcwebhost.net. 43200 MX 0 mail2.bcwebhost.net.
Additional:
mail2.bcwebhost.net. 43200 A
173.164.65.193
Query: mail.bcwebhost.net. Query type: Any record
Recursive query: Yes Authoritative answer: Yes
Query time: 234 ms. Server name: n/a
Answer:
mail.bcwebhost.net. 43200 A 173.164.65.200
mail.bcwebhost.net. 43200 MX 0
mail.bcwebhost.net.
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to imail...@declude.com, and
type "unsubscribe Declude.JunkMail". The archives can be found
at http://www.mail-archive.com.
