[dns-operations] Capturing Traffic

Lyle Giese lyle at lcrcomputer.net
Mon Feb 25 17:42:20 UTC 2013

On 2/25/2013 11:31 AM, Joe Provo wrote:
> On Mon, Feb 25, 2013 at 07:26:07PM +0200, Graham Beneke wrote:
>> I discovered the other day that a large customer of $dayjob has decided
>> that it is a good idea to outsource the LAN support for their head
>> office and NOC to a mom-and-pop IT shop. While I question the wisdom in
>> that, I was far more concerned by the fact that this mom-and-pop shop
>> had configured Google Public DNS as the resolver for everything on their
>> LAN.
>> Now on my corner of the planet Google DNS is 190ms away. Never mind the
>> mess we have with all the CDNs mapping their traffic to a different
>> continent.
>> So what are you thoughts on capturing these queries and answering them
>> on local resolvers that are <10ms away?
>> The folks at Google are certainly not going to encourage us to spoof
>> responses from their servers but are there any other potential pitfalls
>> with doing this to save the customers from themselves?
> I don't think *anyone* would encourage, reccomend or endorse hijacking
> someone else's resolver addresses. What ever happened to providing the
> service and educating the customer[s]?
I would check to see what happens to domains that don't exist.  Esp 
asking for the MX records for a domain that doesn't exist.

I had heard stories that some public resolvers will resolve when they 
should not.  For surfing, minor issue.  For a mail server, major issue.

Lyle Giese
LCR Computer Services, Inc.

More information about the dns-operations mailing list