Re: Google DNS intermittent ServFail for Disney subdomain

And it is believed that sold end user devices wouldn't just be required to implement this blacklist themselves? This is reminding me of the xkcd coming with the encryption and the wrench. On Wed, Oct 25, 2017 at 10:53 AM, Jean-Francois Mezei wrote: > On 2017-10-25 13:05, Matthew Pounsett wrote: >

Re: Google DNS intermittent ServFail for Disney subdomain

On 2017-10-25 13:05, Matthew Pounsett wrote: > I'm also led to wonder how much worse it would be if all those CPE were > open recursives instead of open forwarders. I'd like to see CPE > manufacturers' decision making and processes improved BEFORE we start > encouraging them to go around ISPs' DN

Re: Google DNS intermittent ServFail for Disney subdomain

On 22 October 2017 at 12:23, David Conrad wrote: > Damian, > > Pragmatically speaking, I strongly suspect the increase in valid queries > to authoritative servers even if all “large recursive resolvers” went away > would be lost in noise of the overcapacity necessary to deal with even a > lower-e

Re: Google DNS intermittent ServFail for Disney subdomain

:I know it doesn't help your problem, but friends don't let friends use public DNS resolvers (Google, L3, Open DNS, etc.). ;-) I've been experimenting with using Google's DNS resolvers for Google's assorted domains. At some point, I keep meaning to add Google's address space as in-addr.arpa dom

Re: Google DNS intermittent ServFail for Disney subdomain

Damian, Pragmatically speaking, I strongly suspect the increase in valid queries to authoritative servers even if all “large recursive resolvers” went away would be lost in noise of the overcapacity necessary to deal with even a lower-end DDoS attack. Perhaps more interestingly, if said recurs

Re: Google DNS intermittent ServFail for Disney subdomain

On Fri, Oct 20, 2017 at 6:29 AM, Filip Hruska wrote: > Would be great if makers of home routers would implement full recursive > DNS resolvers > instead of just forwards in their gear. Ignoring the latency impact of your proposal, I wonder what would happen to the world's authoritative servers

Re: Google DNS intermittent ServFail for Disney subdomain

None of the NS records/delegations are in agreement. com delegations don't agree with authoritative in disney.com, and disney.com's delegations don't agree with studio.disney.com's NSen. On Fri, Oct 20, 2017 at 7:35 AM, Christopher Morrow wrote: > On Fri, Oct 20, 2017 at 1:10 AM, David Sotnick

Re: Google DNS intermittent ServFail for Disney subdomain

On Fri, Oct 20, 2017 at 1:10 AM, David Sotnick wrote: > Well well, it looks like a Direct Connect circuit to Google was leaking the > route to this DMZ 153.7.233.0/24 back to Google via BGP. > > Return traffic from Google (for only some fraction of DNS queries) was > passing back across this leak

Re: Google DNS intermittent ServFail for Disney subdomain

Re: Google DNS intermittent ServFail for Disney subdomain

On Fri, Oct 20, 2017 at 03:29:15PM +0200, Filip Hruska wrote a message of 49 lines which said: > Would be great if makers of home routers would implement full recursive DNS > resolvers The good ones do

Re: Google DNS intermittent ServFail for Disney subdomain

0:41:46 PM Subject: Google DNS intermittent ServFail for Disney subdomain Hi Nanog, I am principal network engineer for sister-studio to Disney Studios. They have been struggling with DNS issues since Thursday 12th October. By all accounts it appears as though *some* of the Google DNS resolvers

Re: Google DNS intermittent ServFail for Disney subdomain

om: "David Sotnick" To: "NANOG" Sent: Thursday, October 19, 2017 10:41:46 PM Subject: Google DNS intermittent ServFail for Disney subdomain Hi Nanog, I am principal network engineer for sister-studio to Disney Studios. They have been struggling with DNS issues since T

Re: Google DNS intermittent ServFail for Disney subdomain

On Fri, 20 Oct 2017 08:01:00 +0200, Bjørn Mork said: > That's the way it is. Posting to a public forum always make you think > about the issue a second time, and that's what it takes. > > The weird thing is that I've tried to cheat the system by thinking > without posting, and it doesn't work! D

Re: Google DNS intermittent ServFail for Disney subdomain

David Sotnick writes: > Gotta love it when a problem is solved, by the OP, within an hour of > resorting to mailing the NANOG community. That's the way it is. Posting to a public forum always make you think about the issue a second time, and that's what it takes. The weird thing is that I've t

Re: Google DNS intermittent ServFail for Disney subdomain

Well well, it looks like a Direct Connect circuit to Google was leaking the route to this DMZ 153.7.233.0/24 back to Google via BGP. Return traffic from Google (for only some fraction of DNS queries) was passing back across this leaked route, and being dropped on this Direct Connect peering point

Re: Google DNS intermittent ServFail for Disney subdomain

Looks like some Disney services are/have been down. http://downdetector.com/status/disneyworld Thanks, Donald === Donald E. Eastlake 3rd +1-508-333-2270 (cell) 155 Beaver Street, Milford, MA 01757 USA d3e...@gmail.com On Thu, Oct 19, 2017 at 11:41 PM, David Sotnic

Google DNS intermittent ServFail for Disney subdomain

Hi Nanog, I am principal network engineer for sister-studio to Disney Studios. They have been struggling with DNS issues since Thursday 12th October. By all accounts it appears as though *some* of the Google DNS resolvers cannot reach the authoritative nameservers for "studio.disney.com". This i