Re: [dns-operations] GoDaddy DNS broken IPv6 Resolvability / Note on akam.net NS sets
--- Begin Message --- Hi Tobias, So, does anyone know more about either of these two points or maybe knows whom to motivate to fix this (well, at least the domaincontrol.com thing)? This is a big chunk of names that can be made v6 ready all at once. Isn't domaincontrol.com used by GoDaddy to "sinkhole" abuse-related domain names? If they find phishing on your website , for example, they may change your NS records and point to those to prevent further abuse? /giovane --- End Message --- ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations
Re: [dns-operations] maybe a small tcp flood
--- Begin Message --- > after a short break, it is ongoing We (.nl) are seeing lots of random, NXDOMAIN queries, mostly from Google, since last week. Maybe it is the same folks doing this for you ccTLDs and ours. /giovane --- End Message --- ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations
Re: [dns-operations] why does that domain resolve?
--- Begin Message --- > This is a question of being parent- vs. child- centric. The parents in > the DNS tree delegate correctly. FWIW, we did a study a couple of years ago [1] analyzing these inconsistencies. We found 13 million second-level domains (out of 166M) that were inconsistent [0] (table 1, data from 2019-10-16) > Indeed. In our first QNAME minimisation implementation, we used NS >queries to follow delegations. We saw this also clearly on .nl and .nz when Google Public DNS (GDNS) turned on q-min: fig 3 in [1]. Out of sudden we start to see far more NS queries from GDNS than the other types of records. /giovane [0] https://www.sidnlabs.nl/downloads/53BNt9EPxZQOCHYjqWhYfR/7295d79a207afc79cab6309d40a15a76/When_parents_and_children_disagree_Diving_into_DNS_delegation_inconsistency.pdf [1] https://www.sidnlabs.nl/downloads/4O6kRGL3Un0HrT5TcrBwaG/c69d421eb252da5902f46c1605175649/Clouding_up_the_Internet_how_centralized_is_DNS_traffic_becoming.pdf --- End Message --- ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations
[dns-operations] Open sourcing Anteater: first release
--- Begin Message --- Folks, During OARC34[0], some folks asked whether we could open-source Anteater, our passive DNS monitoring system. We decided then to make it open-source, and those interested can check it at: https://github.com/SIDN/anteater Thanks, /giovane -- Giovane Moura SIDN Labs ps: I'll be refactoring our code to add more dashboards on the next few days/weeks. For now you can already have the "overview" dashboard up and running[1]. [0] https://indico.dns-oarc.net/event/37/contributions/812/ [1] https://github.com/SIDN/anteater/blob/main/src/grafana-dashboards/demo/demo.md --- End Message --- ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations
[dns-operations] Tech report on FlagDay2020, fragmentation, EDNS, Truncation, TCP...
--- Begin Message --- Folks, A couple of months ago there was a lot of discussion about the Flag Day2020 on this list. Inspired on that, we wrote a technical report that we now release [0] and that covers the authoritative server side of the story on truncation, fragmentation, large messages, TCP fallback, and the Flag Day uptake. >From the abstract: ``[...] We analyze 114 billion queries/response pairs from more than 43k autonomous systems, covering two months and a week period (2019 and 2020), collected at the authoritative servers of the .nl, the country-code top-level domain of the Netherlands. We show that fragmentation, and the problems that can follow fragmentation, rarely occur at such authoritative servers. Further, we demonstrate that DNS built-in defenses – use of truncation, EDNS0 buffer sizes, reduced responses and TCP fall back – are effective to reduce fragmentation. Last, we measure the uptake of the DNS flag day in 2020.`` Feedback is always welcome, as usual. /giovane -- Givoane C. M. Moura SIDN Labs [0] https://www.sidnlabs.nl/downloads/4e5otgyyJap464iRzmZeN9/47f08b1511627967ff2280f014e0ff23/Fragmentation__truncation__and_timeouts_are_large_DNS_messages_falling_to_bits.pdf --- End Message --- ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations
Re: [dns-operations] DNS Flag Day 2020 and Google Public DNS
--- Begin Message --- ___ > I've put together a presentation about Google Public DNS's participation in > the DNS Flag Day 2020 initiative. I had hoped to present this at OARC 33, > but I didn't finish it with enough lead time to be scheduled there. So I've > recorded the talk I would have given and placed it on YouTube: Thanks for making this presentation available, and very nice results. Do you also have a link for the slides, so it can be more easily referenced? /giovane --- End Message --- ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations
[dns-operations] anyone from facebook?
--- Begin Message --- hello folks, Is there anyone from Facebook on the list? (or maybe someone knows someone there) thanks, /giovane --- End Message --- ___ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations