North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: DNS deluge for

  • From: Jon Lewis
  • Date: Sat Feb 25 16:43:18 2006

On Fri, 24 Feb 2006, Chris Adams wrote:

One thing to note: we've discovered that on some common DSL routers, the
internal DNS caching server is on by default and answers requests on the
outside IP address.  IIRC some even do it when configured for NAT.

So, even when you disable outside recursion, things you may not think of
on the inside of your network may still allow outside DNS recursion.
Efficient Networks DSL routers suffer from this problem if DNS servers are defined in the DHCP server config on the router. It's more of a DNS proxy though. It doesn't do any caching.

Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ for PGP public key_________