[80133] in North American Network Operators' Group
Re: Problems with NS*.worldnic.com
daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Tue Apr 26 11:06:23 2005
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: "Christopher L. Morrow" <christopher.morrow@mci.com>
Cc: Randy Bush <randy@psg.com>, nanog@merit.edu
In-Reply-To: Your message of "Tue, 26 Apr 2005 13:58:29 -0000."
<Pine.GSO.4.58.0504261351530.6246@sharpie.argfrp.us.uu.net>
Date: Tue, 26 Apr 2005 11:05:45 -0400
Errors-To: owner-nanog@merit.edu
In message <Pine.GSO.4.58.0504261351530.6246@sharpie.argfrp.us.uu.net>, "Christ
opher L. Morrow" writes:
>
>
>On Tue, 26 Apr 2005, Randy Bush wrote:
>
>> lots of folk sent email to me and not the list. most report
>> worldnic responding with tcp 53 and not udp. would love to
>> hear confirmation on list. can think of a number of causes,
>> one possible, but just a stab in the dark, would be an
>> intentional hack as a defense to a spoofed-ip attack.
>>
>> what are some names known to be hosted on worldnic?
>
>we had problems reported with:
>
>www.calairmail.com
>www.holidaycardwebsite.com
>
>I did some poking around lastnight with dig and some local unix hosts that
>I hadn't tried this before on and got no change to tcp :( (so no truncate
>and returned results via UDP) though today I see:
>
>morrowc@iad1-srv02:~$ dig www.holidaycardwebsite.com. @ns7.worldnic.com
>;; Truncated, retrying in TCP mode.
>
>and failures (which is PROBABLY my silly iptables config...)
>
>morrowc@iad1-srv02:~$ dig www.holidaycardwebsite.com. @ns8.worldnic.com
>
>; <<>> DiG 9.2.2rc1 <<>> www.holidaycardwebsite.com. @ns8.worldnic.com
>;; global options: printcmd
>
>interesting that both servers aren't doing the same thing?
>
Both work for me, from two different places, one of which has v6
connectivity and one of which doesn't.
--Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb
