[176531] in North American Network Operators' Group
Re: Comcast residential DNS contact
daemon@ATHENA.MIT.EDU (Scott Helms)
Wed Dec 3 13:45:28 2014
X-Original-To: nanog@nanog.org
In-Reply-To: <CAL9jLaa4wKB30PisgK=JmQCXTEWptVntdSkPeNdkWAyBr3pqfA@mail.gmail.com>
Date: Wed, 3 Dec 2014 13:41:49 -0500
From: Scott Helms <khelms@zcorum.com>
To: Christopher Morrow <morrowc.lists@gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
It's also entirely possible that the behavior observed will change because
of testing. The more a test looks different from "normal" residential
traffic the more likely that it's going to be handled differently.
Scott Helms
Vice President of Technology
ZCorum
(678) 507-5000
--------------------------------
http://twitter.com/kscotthelms
--------------------------------
On Wed, Dec 3, 2014 at 1:37 PM, Christopher Morrow <morrowc.lists@gmail.com>
wrote:
> On Wed, Dec 3, 2014 at 12:54 PM, Grant Ridder <shortdudey123@gmail.com>
> wrote:
> > Hi Everyone,
> >
> > Thanks for the replies! After reading them, i am doing some digging into
> > DNS RFC's and haven't found much with respect to ANY queries. Not
> > responding with full results to protect against being used in an attack
> > makes sense. However, I find it odd that only 1 of the 4 anycast
> servers I
> > tried would institute this.
>
> it's possible (jason hinted at this) that the servers in question are
> not a homogeneous software set... and have different behaviour being
> displayed because of that.
>
> Also, just because you sent a packet to 4 different ip addresses
> doesn't mean that they didn't end up on one or some of the same hosts
> behind loadbalancers/ecmp/etc, right? (so it's not clear you are/can
> test this properly from your vantage point)
>
> -chris
>
> (what's a bit concerning is my comcast link's not able to talk to
> cdns02 at all... over ipv4 at least, v6 works, thankfully I suppose)
>
