Re: DNS server won't talk to me
On Fri, 20 Apr 2018, Glenn English wrote:
> On Thu, Apr 19, 2018 at 11:44 PM, Francois Gouget <fgouget@free.fr> wrote:
>
> > Are DNS servers banning queries from some residential addresses or
> > something like this?
>
> I'm banning some, off and on, (I see massive hits from all over the
> globe on my DNS server -- ~100K hits a day above my rate limit). Have
> you tried to ping that unresponsive one to see if it's alive? Or a TCP
> Telnet connection to its port 53?
Indeed I cannot ping their DNS server (210.143.111.171) but I just
thought they blocked ICMP. However I noticed I can in fact ping it from
another host so I did a traceroute and the packets get blocked at the
penultimate hop:
$ traceroute -n 210.143.111.171
traceroute to 210.143.111.171 (210.143.111.171), 30 hops max, 60 byte packets
[...]
21 60.37.54.202 296.022 ms 60.37.54.198 278.166 ms 122.1.245.126 274.472 ms
22 122.1.246.106 270.430 ms 275.228 ms 122.1.246.110 277.430 ms
23 211.0.221.30 273.257 ms 279.265 ms 277.767 ms
24 * * *
On the other host the traceroute finishes with:
19 60.37.54.202 158.630 ms 122.1.245.130 161.021 ms 122.1.245.126 154.684 ms
20 122.1.246.110 147.979 ms 122.1.246.106 149.896 ms 122.1.246.110 155.476 ms
21 211.0.221.30 156.153 ms 144.694 ms 148.812 ms
22 210.143.111.171 156.433 ms 156.363 ms 159.304 ms
> Is it possible that you've exceeded their rate limit?
I have a script that would try to resolve the maibokun.com hostname once
a day and the TTL on that appears to be 83334. So I would end up
accessing their name server once a day. Of course now that it's not
working and I have tried to figure out what's going on it's been quite a
bit more.
--
Francois Gouget <fgouget@free.fr> http://fgouget.free.fr/
May your Tongue stick to the Roof of your Mouth with the Force of a Thousand Caramels.
Reply to: