Hi, Since a lot of probes use RFC1918 DNS resolvers (like home DSL/Cable routers etc.) you can't tell, if an ISP-resolver or Public-resolver is actually used.
Another thing I noticed is, that some eyeball providers stopped provisioning their own DNS resolvers. Instead, they assing public resolvers like Cloudflare to their customers. If the distinction isn't to difficult to implement, I would prefer these three types as system tags: Inside-AS DNS Outside-AS DNS RFC1918 DNS Best Regards, Simon On 6 October 2022 09:23:15 UTC, Robert Kisteleki <[email protected]> wrote: >Hello, > >This seems to be an interesting question. > >We can certainly apply some (system) tags for probes that have the popular >resolvers 8.8.8.8, 9.9.9.9 and so on in the resolver configuration. This would >allow users like you to easily filter for, or filter out, probes that do this. > >One complication is that in many cases probes (an by extension, the users) >have such a public resolver *in addition to* whatever else they use - which >complicates the semantics of what resolver was actually used. But I guess one >can accept that as a fact and still consider the feature to be useful. > >As an extension, we can, if that's deemed useful, tag other resolvers, along >the lines of: >* resolvers on private IPs (ie. on-net in the home?) >* mixed private-and-quadX >* mixed private-and-public > >If we go this far, a probe could have multiple tags, eg. uses-8888 + >uses-private + mixed-private-and-quad8888. This may be overdoing it... > >We'd be curious about what you think. > >Regards, >Robert > > >On 2022-10-06 03:38, Max Grobecker wrote: >> Hi, >> >> a few days ago I wanted to debug a name resolution problem of one of our >> domains. >> For this reason, I wanted to test if probes inside a specific ASN are having >> difficulties to resolve a specific name (because only customers of this ISP >> were complaining). >> This lead to very mixed results, mostly because some of the selected probes >> did queries to a public DNS service like Google, Quad9 and so on. >> The problem existed only with the provider's DNS servers for some reason. >> >> >> It did take some time to make a script which tried to filter out these >> probes, so I wondered if anyone else had the same use-case and problem. >> Is there a way to automatically tag probes, which are (seemingly) using the >> ISP's own DNS servers, or, at least, not a well-known public service? >> This could be done maybe by querying a special DNS name which returns the IP >> address from where the query was received (like "whoami.akamai.net"). >> By comparing the ASN of the probe and the ASN of the IP address returned by >> the DNS query, one could determine, if the ISP's servers are used. >> This would also be true for people running their own recursor, but this >> could be filtered as well very easy. >> If an ISP is using multiple ASN, this could be a problem. Maybe there's an >> easy solution for this as well. >> >> Probes which pass this test, could then be tagged with >> "DNS-using-ISP-server" or something like that and explicitly be selected for >> specific DNS resolution tests. >> >> >> Greetings, >> Max >> > >-- >ripe-atlas mailing list >[email protected] >https://lists.ripe.net/mailman/listinfo/ripe-atlas
-- ripe-atlas mailing list [email protected] https://lists.ripe.net/mailman/listinfo/ripe-atlas
