[dns-operations] Geoff Huston on DNS-over-TCP-only study.

Ralf Weber Ralf.Weber at nominum.com
Wed Aug 21 16:11:17 UTC 2013


On 21.08.2013, at 08:18, Jared Mauch <jared at puck.nether.net> wrote:
> The unexpected results of the data were knowing that ~46% are just a broken CPE device that does something weird with DNS packets.
Well, they mostly proxy that query to their ISP's resolver, who, as it came from an address on his network, answers it and sends it back to the CPE. The CPE, being a DNS proxy, then sends the answer back to the victim.

The problem, as you correctly point out, is the CPE, and given that people do upgrade their CPEs less often than their PCs, if at all, the problem will stay around for some time.

Looking forward to your research on that.

So long
Ralf Weber
Senior Infrastructure Architect
Nominum Inc.
2000 Seaport Blvd. Suite 400 
Redwood City, California 94063
ralf.weber at nominum.com
