Re: easy way to scan for issues with path mtu discovery?

2008-06-24 Thread Bill Owens 
On Tue, Jun 24, 2008 at 10:28:12AM -0400, Darden, Patrick S. wrote:
 
 
 Hi all,
 
 Does anyone know of an easy way to scan for issues with path mtu discovery 
 along a hop path?  E.g. if you think someone is ICMP black-holing along a 
 route, or even on the endpoint host, could you use some obscure nmap flag to 
 find out for sure, and also to identify the offending hop/router/host?  What 
 tool would you use to test for this, and how would you do such a test?  Is 
 there any probing tool that does checks like this automatically?
 
 Seems to me this happens often enough that someone has probably already 
 figured it out, so I am trying not to reinvent the wheel.  All I can think of 
 would be to handcraft packets of steadily increasing sizes and look for 
 replies from each hop on the route (which would be laborious at best).  
 Google has not been kind to my researches so far.

scamper is the best tool I've found:

http://www.wand.net.nz/scamper/

Bill.

Re: DNS problems to RoadRunner - tcp vs udp

2008-06-13 Thread Bill Owens 
On Fri, Jun 13, 2008 at 02:14:55PM -0400, Jon Kibler wrote:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1
 
 Mark Price wrote:
 SNIP
 From what I have read, public DNS servers should support both UDP and
  TCP queries.  TCP queries are often used when a UDP query fails, or if
  the answer is over a certain length.
  
 
 UDP is used for queries.
 
 TCP is used for zone transfers.
 
 If my server responded to TCP queries from anyone other than a secondary
 server, I would be VERY concerned.

Red alert:

[cookiemonster:~] owens% dig +tcp aset.com @209.190.93.130 soa

;  DiG 9.4.2  +tcp aset.com @209.190.93.130 soa
;; global options:  printcmd
;; Got answer:
;; -HEADER- opcode: QUERY, status: NOERROR, id: 5864
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 5, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;aset.com.  IN  SOA

;; ANSWER SECTION:
aset.com.   14400   IN  SOA ns1.sims.net. 
hostmaster.aset.com. 2006111001 10800 3600 360 86400

;; AUTHORITY SECTION:
aset.com.   14400   IN  NS  ns3.trustns.net.
aset.com.   14400   IN  NS  ns1.sims.net.
aset.com.   14400   IN  NS  ns1.trustns.net.
aset.com.   14400   IN  NS  ns2.sims.net.
aset.com.   14400   IN  NS  ns2.trustns.net.

;; ADDITIONAL SECTION:
ns1.sims.net.   86400   IN  A   209.190.93.130
ns2.sims.net.   86400   IN  A   209.190.93.132

;; Query time: 31 msec
;; SERVER: 209.190.93.130#53(209.190.93.130)
;; WHEN: Fri Jun 13 14:31:13 2008
;; MSG SIZE  rcvd: 211


Bill.