[dns-operations] DNS Queries from some 8.0/16 ranges
Florian Weimer
fw at deneb.enyo.de
Fri Jun 4 21:01:45 UTC 2010
* Alexander Mayrhofer:
>> I've seen some of this. It looks like a massive enumeration attempt.
>> Looks like they are querying for all valid A/AAAA RRs they've
>> found out
>> about and PTR queries.
>
> Google's recursive DNS servers are "near" that range: They provide
> public recursive DNS on 8.8.8.8 and 8.8.4.4 - and they do pro-active
> "refetching" of records that are near their expiry.
Note that you cannot run an anycast recursor which uses the same
network prefix for the client-side interface and the source of
upstream queries. It just does not work, and according to my limited
testing, Google doesn't attempt it. So unless there is further
evidence, I suggest that this is just a coincidence.
More information about the dns-operations
mailing list