Re: G root servers unreachable via ICMP(v6)

On Tue, May 16, 2023 at 4:59 PM William Herrin wrote: > > On Tue, May 16, 2023 at 1:38 PM Christopher Morrow > wrote: > > On Tue, May 16, 2023 at 2:35 PM William Herrin wrote: > > > Ping is used by some versions of traceroute which can help the > > > > I think you mean 'icmp' here. yes. I

Re: G root servers unreachable via ICMP(v6)

Issue addressed on the dns-operations mailing list. Thanks for letting me know Willy. I wanted to bring your attention to the DNS Affinity Group here in the NANOG Community and to the OARC Community Chat server on our

Re: G root servers unreachable via ICMP(v6)

On Tue, May 16, 2023 at 1:38 PM Christopher Morrow wrote: > On Tue, May 16, 2023 at 2:35 PM William Herrin wrote: > > Ping is used by some versions of traceroute which can help the > > I think you mean 'icmp' here. yes. I contend that traceroute (udp or > icmp or tcp) > TOWARDS a destination can

Re: G root servers unreachable via ICMP(v6)

On Tue, May 16, 2023 at 2:35 PM William Herrin wrote: > > On Tue, May 16, 2023 at 11:00 AM Christopher Morrow > wrote: > > On Tue, May 16, 2023 at 4:37 AM wrote: > > > Cutting PING means you are hurting your basic troubleshooting. > > > Is that thing even plugged in? Maybe Firewall

Re: G root servers unreachable via ICMP(v6)

On Tue, May 16, 2023 at 11:00 AM Christopher Morrow wrote: > On Tue, May 16, 2023 at 4:37 AM wrote: > > Cutting PING means you are hurting your basic troubleshooting. > > Is that thing even plugged in? Maybe Firewall misconfiguration? > > it means you need to use the tool (dig, host, nslookup)

Re: G root servers unreachable via ICMP(v6)

On Tue, May 16, 2023 at 4:37 AM wrote: > > So, DoD does NOT have capacity to answer those little ICMP echo > request packets? Heh.. Anyway, this is IMO terrible practice. why? > Cutting PING means you are hurting your basic troubleshooting. > Is that thing even plugged in? Maybe Firewall

Re: G root servers unreachable via ICMP(v6)

Hi Willy, I will ping the OARC team on your email.  Something might be up with the list. Steve On 5/15/2023 8:38 PM, Willy Manga wrote: Hi, DNS speaking, I can query G root servers; at least, that's the most important. However, from several sites, either on IPv4 or IPv6, I cannot

Re: G root servers unreachable via ICMP(v6)

g, that method might be useful, but you need to drop pretty much anything. -- Original message -- From: Willy Manga To: nanog@nanog.org Subject: G root servers unreachable via ICMP(v6) Date: Tue, 16 May 2023 07:38:24 +0400 Hi, DNS speaking, I can query G root servers; at le

Re: G root servers unreachable via ICMP(v6)

On Tue, 16 May 2023 at 05:38, Willy Manga wrote: > > Hi, > > DNS speaking, I can query G root servers; at least, that's the most > important. > > However, from several sites, either on IPv4 or IPv6, I cannot ping(6) > them. Is it by design, or it's an issue? It's certainly not an outage:

Re: G root servers unreachable via ICMP(v6)

However, from several sites, either on IPv4 or IPv6, I cannot ping(6) them. Is it by design, or it's an issue? I believe g-root never answered ping requests. Others have been for a looong time (ever?) with some exceptions - those enabled it a few years ago. Robert

Re: G root servers unreachable via ICMP(v6)

On Mon, May 15, 2023 at 8:38 PM Willy Manga wrote: > Side question: even if it was by design, is it a good practice to > completely restrict ICMP(v6)? Answering only your side question: there's a difference between completely restricting ICMPv6 and restricting echo-request. Restricting

G root servers unreachable via ICMP(v6)

Hi, DNS speaking, I can query G root servers; at least, that's the most important. However, from several sites, either on IPv4 or IPv6, I cannot ping(6) them. Is it by design, or it's an issue? Side question: even if it was by design, is it a good practice to completely restrict ICMP(v6)?