[dns-operations] ip id from servers
sthaug at nethelp.no
sthaug at nethelp.no
Thu Mar 11 08:46:44 UTC 2010
> I can only confirm a few of these from here (Oslo, Norway). What I see
> is pretty bad. *All* of the DNS answers I receive from these 3 servers
> have IP ID 0:
>
> > 193.0.0.195 ns-pri.ripe.net.
> > 192.54.112.30 h.gtld-servers.net.
> > 202.12.28.140 sec3.apnic.net.
Some more high volume servers which only use IP ID 0 as seen from here:
192.33.14.30 b.gtld-servers.net
192.43.172.30 i.gtld-servers.net
204.74.66.132 ns1.facebook.com
195.166.81.54 de1.sophosxl.com
195.166.81.55 de2.sophosxl.com
150.70.147.168 ns2.hashserver.cs.trendmicro.com
195.41.131.110 d.ns.spamhaus.org
Doing a "tcpdump 'ip[4:2]==0'" on a busy recursive name server can be an
enlightening experience.
Steinar Haug, Nethelp consulting, sthaug at nethelp.no
More information about the dns-operations
mailing list