--- Begin Message ---
Google Public DNS also observed the increased CNAME queries to
s3.amazonaws.com yesterday. This morning we are seeing most normal
queries getting responses from their nameservers.
On Wed, Oct 23, 2019 at 4:31 AM Greg Choules via dns-operations
wrote:
>
>
>
>
> -- For
--- Begin Message ---
On Wed, Oct 30, 2019 at 7:31 PM Mark Andrews wrote:
>
>
>
> > On 31 Oct 2019, at 12:02 am, Bob Harold wrote:
> >
> >
> > On Tue, Oct 29, 2019 at 9:07 PM Paul Vixie wrote:
> >
> >
> > Mark Andrews wrote on 2019-10-27 19:24:
> > > ...
> > >
> > > BIND tried to fix named to re
--- Begin Message ---
[Google Public DNS engineer here]
As others have mentioned this appears to be a connectivity or load
problem. We are getting successful resolution in about 50% of metros
globally and timeouts in the rest of the metros. The locations are
consistent across 3 attempts.
FWIW we
--- Begin Message ---
+1 to running the probes again.
Thanks in advance.
-Puneet
On Wed, Mar 25, 2020 at 7:14 AM Willem Toorop wrote:
>
> Op 25-03-2020 om 09:27 schreef Paul Vixie:
> > On Wednesday, 25 March 2020 07:41:51 UTC Petr Špaček wrote:
> >> Hello DNS operators!
> >>
> >> ...
> >>
> >>
--- Begin Message ---
Hi Doug,
Google Public DNS resolution is working now.
Google Public DNS is “parent-centric”—meaning that it only uses the
name servers that are returned in the referral responses from the
parent zone name servers, and does not make NS queries to this child
zone. So updating
--- Begin Message ---
Pasted wrong output above.
dig @8.8.4.4 shopdisney.co.uk
; <<>> DiG 9.11.5-P4-5.1+build2-Debian <<>> @8.8.4.4 shopdisney.co.uk
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 15107
;; flags: qr rd ra; QUERY: 1, AN
--- Begin Message ---
On Fri, Apr 3, 2020 at 1:53 PM Paul Hoffman wrote:
>
> Shouldn't this part of the thread (proposed changes base on an Internet
> Draft) be in the DNSOP WG in the IETF? Said another way, if you don't move it
> there soon, when the topic appears there, you'll have to repeat y
--- Begin Message ---
Hello,
We (Google Public DNS) have noticed some instances of nameserver
responses for a query coming from a different IP. Our initial plan was
to consider these responses invalid and discard them. However after
reading the text in RFC 1035 and the update in RFC 2181, we wante
--- Begin Message ---
On Sat, Aug 29, 2020 at 12:18 AM Robert Edmonds wrote:
>
> Puneet Sood via dns-operations wrote:
> > RFC 1035 section 7.3 (https://tools.ietf.org/html/rfc1035)
> > Some name servers send their responses from different
> > addresses than the
--- Begin Message ---
On Sat, Aug 29, 2020 at 11:50 AM Paul Hoffman wrote:
>
> On Aug 28, 2020, at 3:24 PM, Puneet Sood via dns-operations
> wrote:
> > We would be interested in hearing other operator's experience here.
> > Are recursive servers seeing similar b
--- Begin Message ---
There are 2 sets of nameservers which account for the bulk of this
behavior. I can share some of the nameserver IPs (that have a high
volume of responses from different IPs) directly with operators who
are interested in reviewing these further. Please contact me directly.
-Pu
--- Begin Message ---
On Tue, Sep 8, 2020 at 5:00 PM John Levine wrote:
>
> In article <20200908181130.gd4...@straasha.imrryr.org> you write:
> >> Seems to me that would be true for any software that uses the usual
> >> BSD or linux socket calls that match the host and port ...
>
> >You're conflat
--- Begin Message ---
Google Public DNS posted a message on github about our plans:
https://github.com/dns-violations/dnsflagday/issues/139#issuecomment-673489183.
Background: Similar to what Ralf Weber said, over the last couple of
years we have seen issues with large domains related to UDP
fragm
--- Begin Message ---
Google Public DNS posted a message on github about our plans:
https://github.com/dns-violations/dnsflagday/issues/139#issuecomment-673489183.
Background: Similar to what Ralf Weber said, over the last couple of
years we have seen issues with large domains related to UDP
fragm
--- Begin Message ---
On Mon, Nov 16, 2020 at 7:09 PM Doug Barton wrote:
>
> Puneet, or anyone else at Google, are there publicly available
> references to this configuration choice? Web searches have all returned
> pages of generic discussion about parent/child config. I'm having a
> discussion w
--- Begin Message ---
Hi Viktor,
Thanks for bringing this issue to everyone's attention and your ongoing
work on DNSSEC.
Google Public DNS is also planning to cap NSEC3 iterations to a safe value.
Do you have data you can share on the prevalence of high iteration count
NSEC3 zones?
-Puneet
On Th
--- Begin Message ---
Viktor, dnsop community,
If there additional missing NSEC|NSEC3 RR issues with Google Public
DNS you are aware of, please respond here or file a ticket
(https://developers.google.com/speed/public-dns/groups#issue_tracker).
On Sat, Feb 6, 2021 at 1:17 AM Viktor Dukhovni wrot
--- Begin Message ---
Hello dnssec experts,
I am noticing an inconsistent NSEC response in a delegation. Depending
on the RR type specified in the query the response includes NS in the
set of RR types in the NSEC RR proving the absence of the /DS
record. Is this behavior below within what nameserv
--- Begin Message ---
On Tue, Jun 22, 2021, 12:35 AM Matt Nordhoff wrote:
> On Tue, Jun 22, 2021 at 3:54 AM Viktor Dukhovni
> wrote:
> > On Tue, Jun 22, 2021 at 03:30:39AM +, Matt Nordhoff wrote:
> >
> > > > Indeed I see the same:
> > > >
> > > > $ dig +noall +dnssec +norecur +nocrypto +
--- Begin Message ---
Hello,
I need to reach a live contact for the .ml TLD. Emailing
i...@malidili.com has not gotten a response.
If someone has a contact, please let me know.
Thanks,
Puneet
--- End Message ---
___
dns-operations mailing list
dns-oper
--- Begin Message ---
The problem has been fixed for a couple of months now. Thanks for reporting.
$ dig @8.8.8.8 _4._tcp.mx.runbox.com. IN TLSA +dnssec +nocomment +nocrypto
; <<>> DiG 9.10.6 <<>> @8.8.8.8 _4._tcp.mx.runbox.com. IN TLSA +dnssec
+nocomment +nocrypto
; (1 server found)
;; global op
--- Begin Message ---
Some information on what happened during this incident with the Google
Public DNS service.
* GPDNS did not configure an NTA for slack.com
* We observed a small percentage of SERVFAILs during 10:05-10:47 AM PT
on 20210930. Which was fixed by
* a number of user-initiated cache
--- Begin Message ---
Missed this in the previous email:
* We cache most records needed for DNS resolution with a 6 hour TTL.
On Fri, Oct 1, 2021 at 12:03 PM Puneet Sood wrote:
>
> Some information on what happened during this incident with the Google
> Public DNS service.
>
> * GPDNS did not co
--- Begin Message ---
On Thu, Oct 7, 2021 at 11:22 AM Viktor Dukhovni wrote:
>
> On Thu, Oct 07, 2021 at 02:53:36PM +, Wessels, Duane via dns-operations
> wrote:
>
> > I can't explain the TXT queries, but the NS queries seem to be
> > Google's method of doing qname minimization, with an added
--- Begin Message ---
On Thu, Oct 7, 2021 at 11:22 AM Viktor Dukhovni wrote:
>
> On Thu, Oct 07, 2021 at 02:53:36PM +, Wessels, Duane via dns-operations
> wrote:
>
> > I can't explain the TXT queries, but the NS queries seem to be
> > Google's method of doing qname minimization, with an added
--- Begin Message ---
On Fri, Oct 8, 2021 at 3:42 AM Moritz Müller via dns-operations
wrote:
>
>
>
>
> -- Forwarded message --
> From: "Moritz Müller"
> To: "Blacka, David via dns-operations"
> Cc:
> Bcc:
> Date: Fri, 8 Oct 2021 09:37:34 +0200
> Subject: Re: [dns-operations] Lot'
--- Begin Message ---
We have been investigating the issue. This was a BGP route
announcement issue. It is mostly resolved now.
Tracking bug: https://b.corp.google.com/issues/214911324
On Wed, Jan 19, 2022 at 10:11 AM Stephane Bortzmeyer wrote:
>
> I did not investigate yet but it may be fun:
>
--- Begin Message ---
Hello,
While making our DNS response validation stricter, we have noticed that a
number of name servers return badly truncated UDP responses. This sometimes
happens with incorrect Answer section RR count.
$ dig m.email.sonyentertainmentnetwork.com. TXT @
e.ns.email.sonyenter
--- Begin Message ---
On Sat, Jul 30, 2022 at 10:26 AM Dave Lawrence wrote:
> Greg Choules via dns-operations writes:
> > I am including in this mail the RNAME from the SOA (same for both
> > zones) in the hope that someone who is responsible for DNS at Sony
> > entertainment will see this and ta
--- Begin Message ---
This part of the discussion probably should move to the dnsop wg thread for
the draft. I will send some comments there.
On Mon, Mar 27, 2023 at 5:36 PM Shumon Huque wrote:
> On Tue, Mar 28, 2023 at 6:19 AM Viktor Dukhovni
> wrote:
>
>>
>> A possibly inconvenient question,
--- Begin Message ---
On Fri, Apr 14, 2023 at 6:31 PM Evan Hunt wrote:
>
> > once an embedded dns recursive server works well enough, it ships, is
> > widely deployed, and becomes abandonware. the apps which don't work are
> > found (by others) later. there is no complaint path.
>
> Alas, if only
--- Begin Message ---
Stephane,
Looks like google.ga is returning NXDOMAIN from the nic.fr servers.
Can you please check what could be wrong with the delegation info?
Thanks,
Puneet
$ dig @d.nic.fr google.ga
; <<>> DiG 9.10.6 <<>> @d.nic.fr google.ga
; (2 servers found)
;; global options: +cmd
--- Begin Message ---
On Sat, Jul 29, 2023 at 5:06 PM Evan Hunt wrote:
>
> (Resending because I accidentally replied privately.)
>
> On Sat, Jul 29, 2023 at 09:07:21AM -0700, Paul Vixie via dns-operations wrote:
> > < > draft “Use of Bit 0x20 in DNS Labels to Improve Transaction Identity”, is
> >
--- Begin Message ---
On Wed, Nov 15, 2023 at 4:32 PM Barry Raveendran Greene
wrote:
>
> The irony - having a DNS workshop in Puerto Rico where DNS Resiliency
> failures aggravated recovery during Hurricane Maria.
>
> My recommendation is to have an entire session on DNS resiliency in the
> face
--- Begin Message ---
Hi dns operators,
While investigating a production issue, we found the following
interesting response from some root name servers.
Note: query does not use EDNS0; response does not set TC bit and has no glue.
$ dig @m.root-servers.net
kcmbrvwjafupdyztdq2ifvi6ye7fcacaaben6ja
--- Begin Message ---
On Tue, Apr 2, 2024 at 12:20 PM Paul Hoffman wrote:
> On Apr 2, 2024, at 08:42, Wes Hardaker wrote:
>
> > Do check/worry about DDoS reflections from UDP requests for DNSKEYs.
>
> Why? Of what value is worrying about this? From what you and John says,
> it's pretty clear tha
--- Begin Message ---
On Fri, Apr 12, 2024 at 3:10 PM David Zych wrote:
>
> On 4/12/24 05:13, Petr Špaček wrote:
>
> On 11. 04. 24 6:15, Stephane Bortzmeyer wrote:
>
> On Tue, Apr 09, 2024 at 01:09:20PM -0500,
> David Zych wrote:
>
> The problem: when queried for a record underneath ag.gov. whi
37 matches
Mail list logo
