[dns-operations] Blackhole IANA question
Phil Regnauld
regnauld at nsrc.org
Thu Aug 5 13:24:23 UTC 2010
Alberto García Moyano (alberto.garciamoyano) writes:
>
> we are sending inverse queries to these blackhole servers:
>
> "blackhole-1.iana.org" and "blackhole-2.iana.org",
>
> The inverse queries are asking for private addresses, this traffic is
> normal in our network so there is not any abuse. My problem is that i
> cant get any response from these servers and the normal operation for
> these queries is (from the web http://www.iana.org/abuse/faq.html):
Hi Alberto,
> I have also tried to do a query from my PC in my home, and i didnt get
> response.
>
> > 10.208.1.1
> Servidor: [195.175.48.42]
> Address: 195.175.48.42
>
> DNS request timed out.
> timeout was 2 seconds.
> *** La petición a [195.175.48.42] a caducado
You shouldn't be getting a timeout. What you should be getting
is NXDOMAIN from the blackhole servers, for anything in the RFC1918
ranges. Please use dig or host instead of nslookup, as nslookup
makes a number of assumptions about your environment, and doesn't
provide detailed output.
A dig from here:
$ dig @blackhole-1.iana.org -x 192.168.1.1
[...]
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15475
;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
[...]
;; AUTHORITY SECTION:
168.192.in-addr.arpa. 300 IN SOA prisoner.iana.org. hostmaster.root-servers.org. 2008072202 21600 3600 1209600 86400
[...]
;; SERVER: 192.175.48.6#53(192.175.48.6)
;; WHEN: Thu Aug 5 15:15:43 2010
;; MSG SIZE rcvd: 119
> Can you tell me if there is any problem with your blackhole servers ? The
> problem is mine?
What does traceroute do these servers show ?
Cheers,
Phil
More information about the dns-operations
mailing list