[dns-operations] duplicate query-ids?
Jared Mauch
jared at puck.nether.net
Mon Mar 28 00:14:32 UTC 2016
While looking at some data on a new host w/ DNSTAP w/ bind, I’ve noticed some interesting data regarding query-id recycling.
Has anyone done recent research on this?
27-Mar-2016 20:06:56.793 AQ 78.47.119.231 UDP 40b PROTRuCK.ro/IN/AAAA
27-Mar-2016 20:06:56.793 AR 78.47.119.231 UDP 40b PROTRuCK.ro/IN/AAAA
27-Mar-2016 20:06:56.929 AQ 78.47.119.231 UDP 40b pROTRuck.Ro/IN/AAAA
27-Mar-2016 20:06:56.929 AR 78.47.119.231 UDP 40b pROTRuck.Ro/IN/AAAA
Just a quick peek, I see these:
count T/U query-id
4898 UDP 53b
5371 UDP 43b
5825 UDP 44b
8342 UDP 31b
11186 UDP 48b
11588 UDP 45b
43088 UDP 59b
46178 UDP 46b
90410 UDP 42b
- Jared
More information about the dns-operations
mailing list