North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: DNS TTL adherence
On Mar 15, 2006, at 1:56 AM, Simon Waters wrote:
Let me help you become aware, then... Some people don't believe it is a bug, and therefor don't see that anything needs "fixing". Feel free to, for example, send 2 consecutive queries for a record that has a short (<10,000 second TTL) to 212.23.11.206. This is one of the over 100,000 random open recursive servers that have been party to some of the recursive DNS server amplification DDoS attacks over the last few weeks... and this behavior exists in a number of them. If you can't think of a record to query for that has a short enough TTL, I've created a wildcard entry of: *.example.centergate.com so that you can test this repeatedly without having to wait for the overridden TTL to expire. Just use a different random wildcard record each time (remembering to send 2 consecutive identical queries to see the misbehavior). $ dig @212.23.11.206 jhgfd.example.centergate.com a This behavior is unfortunately not unique. /rlj
|