[dns-operations] Geoff Huston on DNS-over-TCP-only study.
Ralf.Weber at nominum.com
Wed Aug 21 16:11:17 UTC 2013
On 21.08.2013, at 08:18, Jared Mauch <jared at puck.nether.net> wrote:
> The unexpected results of the data were knowing that ~46% are just a broken CPE device that does something weird with DNS packets.
Well they mostly proxy that query to their ISPs resolver, who as it came from an address on his network answers it and send it back to the CPE. The CPE being a DNS proxy then sends the answer back to the victim.
The problem as you correctly point out is the CPE and given that people do upgrade there CPEs less often than there PCs, if at all the problem will stay around for some time.
Looking forward to your research on that.
Senior Infrastructure Architect
2000 Seaport Blvd. Suite 400
Redwood City, California 94063
ralf.weber at nominum.com
More information about the dns-operations