bind-users Digest, Vol 2230, Issue 1

Woodworth, John R John.Woodworth at CenturyLink.com
Wed Oct 21 07:48:16 UTC 2015 

>
> From: bind-users-bounces at lists.isc.org [mailto:bind-users-bounces at lists.isc.org] On Behalf Of Harshith Mulky
> Sent: Tuesday, October 20, 2015 10:50 AM
> To: bind-users at lists.isc.org
> Subject: RE: bind-users Digest, Vol 2230, Issue 1
>
> No Mark, This is not a question I am asked to answer for some course
>
> We have an implementation where, once the DNS Servers are down, The Client
> (Our device) Blacklists the IP address of DNS Servers for some period of Time
> It can only whitelist the server when it receives periodic Responses to a NAPTR Request.
>
> What I did find was even though Our Client was able to send periodic NAPTR
> requests, we are unable to check what kind of NAPTR requests are sent out


Harshith, While I am new to the group I am not sure this is the right audience
for your question as it does not really pertain to bind or the DNS protocol.

Having said that I love a good puzzle and am curious so below are a couple follow-up
questions.

  1.) Are these devices some type of VoIP device?  I've seen many novel DNS based
      scenarios used for VoIP before.
  2.) I assume the path has been sniffed, are other records used as well, say SRV?
  3.) Not sure why a particular record would be used to determine availability as
      really any RR could serve for this (including made up ones).
      [OK, not phrased in the form of a question]
  4.) What problem is being solved here?  Generally, with end devices DNS resolution
      starts at the top of its DNS resolver list and tries until it gets an answer
      or critical error (still an answer) within a timeout period.  The next query
      takes the same route and so on.  There are exceptions in implementation where
      statistics are maintained and its DNS resolver list is reordered accordingly
      but to blacklist and probe seems like a lot of wasted calories.
      For example:
        * What is the percentage of nameservers it would blacklist before
          it determines it is almost out of options?
        * Would it completely deny itself DNS service because of a few dropped
          packets or localized/ temporary network problems?
        * How many packet drops before it blacklists a nameserver?
        * How often does it probe for availability (whitelist)?
      Without knowing more this seemingly makes for a much more unreliable DNS
      experience.

Just curious,
John

>
> Hence my question,
> What Kind of messages are required by the client to be sent towards server to
> determine if the DNS IP is reachable or not?


I believe this may have already been answered but any query will work for
this purpose (including the "ANY" query).


>
> Thanks
> Harshith
>

This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20151021/2aed1cd2/attachment.html>

More information about the bind-users mailing list