[dns-operations] Blackhole IANA question
regnauld at nsrc.org
Thu Aug 5 13:24:23 UTC 2010
Alberto García Moyano (alberto.garciamoyano) writes:
> we are sending inverse queries to these blackhole servers:
> "blackhole-1.iana.org" and "blackhole-2.iana.org",
> The inverse queries are asking for private addresses, this traffic is
> normal in our network so there is not any abuse. My problem is that i
> cant get any response from these servers and the normal operation for
> these queries is (from the web http://www.iana.org/abuse/faq.html):
> I have also tried to do a query from my PC in my home, and i didnt get
> > 10.208.1.1
> Servidor: [188.8.131.52]
> Address: 184.108.40.206
> DNS request timed out.
> timeout was 2 seconds.
> *** La petición a [220.127.116.11] a caducado
You shouldn't be getting a timeout. What you should be getting
is NXDOMAIN from the blackhole servers, for anything in the RFC1918
ranges. Please use dig or host instead of nslookup, as nslookup
makes a number of assumptions about your environment, and doesn't
provide detailed output.
A dig from here:
$ dig @blackhole-1.iana.org -x 192.168.1.1
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15475
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; AUTHORITY SECTION:
168.192.in-addr.arpa. 300 IN SOA prisoner.iana.org. hostmaster.root-servers.org. 2008072202 21600 3600 1209600 86400
;; SERVER: 18.104.22.168#53(22.214.171.124)
;; WHEN: Thu Aug 5 15:15:43 2010
;; MSG SIZE rcvd: 119
> Can you tell me if there is any problem with your blackhole servers ? The
> problem is mine?
What does traceroute do these servers show ?
More information about the dns-operations