Re: [dns-operations] DNS queries to g.root-servers.net over TCP
On Oct 3, 2012, at 12:52 PM, SM wrote: Hello, Does g.root-servers-con2-1.net for g.root-servers.net support DNS queries over TCP? Regards, -sm We have made a change to improve g-Root's responsiveness to TCP queries. Please let me know if you are still seeing a problem. thanks, -Jim smime.p7s Description: S/MIME cryptographic signature ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] DNS queries to g.root-servers.net over TCP
Hi Jim, At 09:41 04-10-2012, Cassell, James D. CIV DISA NS233 wrote: We have made a change to improve g-Root's responsiveness to TCP queries. Please let me know if you are still seeing a problem. The problem is solved. Thanks, -sm ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
[dns-operations] nscd issue
Sorry for this off topic question and please do point me to a more appropriate list if you know one. I was trying to understand the source of some unusual traffic from one of our hosts... It was running some python script that needed to constantly resolve two names ... turns out nscd was not liking those two names and not caching them! After many tests, we are thinking that nscd does not cache a name that returns more than one IP address! Could that be true? Is that expected and known behavior of nscd? I noticed what follows: - For an entry corresponding to a single A record, the log shows it added two entries for: GETHOSTBYNAMEv6 and GETHOSTBYNAME getent hosts commands result in the latter entry being used. - For an entry corresponding to a multi A record, the log shows it added just one entry, the one fore GETHOSTBYNAMEv6 getent hosts commands result in a have not found hosts entry log and DNS queries being made. Thanks a lot, Mohamed. ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] First experiments with DNS dampening to fight amplification attacks
Jim Reid wrote: Besides, a genuine resolver will also have a non rate-limiting server to query unless all the name servers for some domain are under attack. ... which seems to be the case, at least for the name servers I have access to: all servers for a particular domain are attacked concurrently. New name servers won't be picked up by the attacker(s) in real time, but eventually, they do get added to their list. ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] nscd issue
On 2012-10-04, at 12:17, Mohamed Lrhazi ml...@georgetown.edu wrote: Sorry for this off topic question and please do point me to a more appropriate list if you know one. This doesn't sounds like a DNS problem; it seems like a problem to take up with whomever maintains nscd, which in turn depends on what platform you're running it on (Linux, Solaris, whatever). Perhaps I'm about to be proved wrong by a helpful and erudite response from someone here who knows something about nscd, but I think you're more likely to find help on a platform-specific list (or a vendor support phone number). Joe ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
Re: [dns-operations] nscd issue
Thanks Joe. Of course you're right, and I knew it all along... this is not a DNS Operations issue. I did open a support case with RedHat, since that's what I am running... wish me luck :) Thanks, Mohamed. On Thu, Oct 4, 2012 at 8:26 PM, Joe Abley jab...@hopcount.ca wrote: On 2012-10-04, at 12:17, Mohamed Lrhazi ml...@georgetown.edu wrote: Sorry for this off topic question and please do point me to a more appropriate list if you know one. This doesn't sounds like a DNS problem; it seems like a problem to take up with whomever maintains nscd, which in turn depends on what platform you're running it on (Linux, Solaris, whatever). Perhaps I'm about to be proved wrong by a helpful and erudite response from someone here who knows something about nscd, but I think you're more likely to find help on a platform-specific list (or a vendor support phone number). Joe ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs