[162946] in North American Network Operators' Group
Re: Open Resolver List, New Orleans, etc..
daemon@ATHENA.MIT.EDU (Jon Lewis)
Thu May 9 19:32:27 2013
Date: Thu, 9 May 2013 19:32:11 -0400 (EDT)
From: Jon Lewis <jlewis@lewis.org>
To: Jared Mauch <jared@puck.nether.net>
In-Reply-To: <D6B8CE49-14E6-41B6-8093-54A1BA4D6A93@puck.nether.net>
Cc: "nanog@nanog.org Group" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Thu, 9 May 2013, Jared Mauch wrote:
> Some interesting data: about 46% of the IPs that respond to a DNS query
> do not respond from port 53, meaning they are "broken" in some
> interesting way.
Maybe I'm not being very imaginative, but how can something from !53 be
considered a DNS response to a query sent to port 53? Can you give some
examples of the sorts of packets that fall into this rather large % of
ill-behaved hosts? Are you sure you're not treating things like icmp port
unreachable as a "!udp/53 src response"?
----------------------------------------------------------------------
Jon Lewis, MCP :) | I route
| therefore you are
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
