[dns-operations] DNS version request
Peter van Dijk
peter.van.dijk at powerdns.com
Fri Dec 7 21:19:04 UTC 2018
On 7 Dec 2018, at 21:46, Warren Kumari wrote:
> On Fri, Dec 7, 2018 at 1:42 AM Ray Bellis <ray at isc.org> wrote:
>
>> There's plenty of ALGs in home CPE pretending to be a DNS server that
>> blindly forward CH queries to the back-end resolver that they're
>> configured to talk to.
>
>
> ... and I must admit, with much embarrassment, that that has tripped
> me up
> once or twice. I've been at a hotel which was doing weird DNS stuff,
> but CH
> records were passed through unmolested -- this made troubleshooting
> trickier because I assumed the problem was elsewhere...
In similar vein, a few years ago I looked at some ‘open resolver’
report that included version.bind output, and I found that just a couple
of days after we released a PowerDNS update, literally tens of thousands
of open resolver on the Internet had upgraded to it.
They hadn’t - they were CPEs, forwarding blindly as above, even for
queries coming in on their outside/WAN interface.
Kind regards,
--
Peter van Dijk
PowerDNS.COM BV - https://www.powerdns.com/
More information about the dns-operations
mailing list