nih.gov NS only answers TCP queries
Stephane Bortzmeyer
bortzmeyer at nic.fr
Mon Mar 3 15:35:33 UTC 2025
On Mon, Mar 03, 2025 at 09:54:46AM -0500,
Keith Mitchell <keith at dns-oarc.net> wrote
a message of 33 lines which said:
> There was much social media speculation over the weekend that this was a
> DNS issue, but it seems a lot of NIH online infrastructure was taken
> down without too much heed for the side-effects.
The fact that the authoritative name servers replied with TCP but not
with UDP, seem to indicate that:
* it was not a layer-3 (or 1 or 2) issue,
* the DNS software was still up.
My guess would be some amateur reviewing the configuration of the
firewall and saying "everybody knows that UDP is dangerous, let's
block it".
More information about the dns-operations
mailing list