querying TLD nameservers - limitations

Vernon Schryver vjs at rhyolite.com
Mon Mar 25 01:51:24 UTC 2013


> From: blrmaani <blrmaani at gmail.com>

> I am developing a monitoring script for internal use and this requires
> extensive querying of TLD nameservers (a .. m).tld servers.
>
> Questions:
> 1. Are there any rate limitations imposed by TLD servers i.e these
> servers allows only certain number of DNS queries per IP per second?

Yes.  See https://www.google.com/search?q=dns+reflection about one
reason why rate limiting is required.
See also https://www.google.com/search?q=dns+rrl


> 2. Are there other limitations I should be aware of while developing
> my script?

First, I don't speak for any TLD operators.  Maybe TLD operators
don't care if everyone in the world uses their networks and computers
for connectivity or local DNS resolver monitoring--and never mind
any scaling worries.

Second, if I have guessed wrong about what you are doing, please
accept my apologies and ignore the following.

If I've guessed right, my advice is "Stop Immediately and Forever!"  
I have web pages with higher Google page rank than I care and I run
some anti-spam stuff.  Some people feel entitled to take my bandwidth,
CPU cycles, and system administration time for their private uses
without my let, leave, or hindrance.  Some of them continuously send
ICMP Echo-Requests.  Others ping with DNS.  Still others continually
fetch web pages.  Then there are hours every day of odd 50 UDP pps via
6to4.  I treat them the same as the DNS "researchers" that continually
probe by my in-addr.arpa zone looking for domains to attack or forge
in spam, other "researchers" looking for PHP and other security holes,
SMTP dictionary attackers, etc.  They should spend their own money to
monitor their Internet connectivity DNS clients, or whatever they think
they're doing.  There are commercial enterprises that sell monitoring.
One can also barter with friends.  If they were not functionally evil,
they would ask first.

I'm sure all of them feel their hearts are pure and would be hurt and
insulted if they knew I see them as thugs and sociopaths.  They can't
understand that evil is as evil does and that their claimed motives
are irrelevant.  They're like those who define spam as that which they
don't do.  http://www.rhyolite.com/anti-spam/that-which-we-dont.html


Vernon Schryver    vjs at rhyolite.com



More information about the bind-users mailing list