[dns-operations] Fwd: Google public DNS - getting SERVFAIL for any domains delegated to GoDaddy NSs

[Mike Hoskins (michoski)]

Another case of the cure being worse (or at least as bad) as the ailment.
All too common these days.

I've always avoided "public DNS" -- partially for tinfoil hat reasons, but
also because in comparison tests there was always more latency to google
(or whatever outside resource) than my ISP's infra.

Bad timing for me.  I'll spare the guilty, but am in a case on a couple
networks where google's DNS servers actually perform better (including
general availability as a key measure) than the ISPs.  That makes me
personally care more in this case, though I'm sure there are plenty of
devices using google DNS based simply upon all the blog posts suggesting
it's the best thing since sliced bread.

-----Original Message-----
From: Stephane Bortzmeyer <bortzmeyer at nic.fr>
Organization: NIC France
Date: Monday, December 8, 2014 at 9:52 AM
To: Doug Barton <dougb at dougbarton.us>
Cc: "dns-operations at dns-oarc.net" <dns-operations at dns-oarc.net>
Subject: Re: [dns-operations] Fwd: Google public DNS - getting SERVFAIL
for any domains delegated to GoDaddy NSs

>On Mon, Dec 08, 2014 at 09:38:49AM +0100,
> Stephane Bortzmeyer <bortzmeyer at nic.fr> wrote
> a message of 24 lines which said:
>
>> It seems there is *something* (but I don't know what) for *some*
>> people
>
>An expert suggested on Twitter that it could be an accidental
>side-effect of blacklisting attackers:
>
>https://twitter.com/OGudm/status/541928040759312385
>
>"Ddos attacks forge google DNS resolvers unicast address thus GoDaddy
>may blacklists them causing lookup failures"
>
>_______________________________________________
>dns-operations mailing list
>dns-operations at lists.dns-oarc.net
>https://lists.dns-oarc.net/mailman/listinfo/dns-operations
>dns-jobs mailing list
>https://lists.dns-oarc.net/mailman/listinfo/dns-jobs