[Collisions] Weird dest IP addr
warren at kumari.net
Mon Oct 7 15:39:02 UTC 2013
On Oct 7, 2013, at 8:28 AM, Kevin White <kwhite at jasadvisors.com> wrote:
> In the 2008 data for a and j root, I’m seeing a lot of queries destined for:
> Which isn’t the official root server address of anything.
But it *was* -- AFAIR at the beginning of 1997.
> For example:
> non-root: /mnt/oarc-pool4/DITL-200803/RAW/verisign/a-root-and-old-j-root/20080319/095017.333638.pcap.gz 2008-03-19 09:50:41.683549 IP 126.96.36.199.1101 > 188.8.131.52.53: 53758 A? xpone.home. (28)
> My current logic throws that row out (throws out any rows that aren’t destined for a valid root server IP).
> Is there some historical reason why queries to this address in 2008 might be considered valid?
Known issue. A large number of devices / systems simply don't pick up changes because of broken priming issues or simply because the don't reprise after booting.
There are many papers that show that once an address is used for a root server is it tainted basically forever…
> Thank you,
> Collisions mailing list
> Collisions at lists.dns-oarc.net
Some people are like Slinkies......Not really good for anything but they still bring a smile to your face when you push them down the stairs.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 203 bytes
Desc: Message signed with OpenPGP using GPGMail
More information about the Collisions