Different forwarder for certain response ip (result ip )

Omid Kosari omidkosari at yahoo.com
Sat Sep 16 14:01:53 UTC 2017

2nd scenario is mine . Upstream manipulated everything on 53 tcp/udp . Even
if i query a non-existent dns-server it returns result ;)

C:\WINDOWS\system32>nslookup newsroom.fb.com
Server:  UnKnown

Non-authoritative answer:
Name:    newsroom.fb.com

Note: is not what they really return . I've changed it for privacy .
But it is one fixed ip address which returns in case of manipulation occurs

Sten Carlsen wrote
> In case 2) something like your solution is needed. The use of port 443
> is an obvious idea, however DNS uses UDP and HTTPS uses TCP. Your ISP
> appears to be paranoid enough to block also port 443 UDP, so that might
> be one issue.

FYI https://en.wikipedia.org/wiki/QUIC uses udp 443 . Also i try to reduce
the queries over 443 with the way i asked in my first post .


Sent from: http://bind-users-forum.2342410.n4.nabble.com/

More information about the bind-users mailing list