-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- Do not flood root servers with reverse lookup queries for
private addresses (I want my traceroutes to work on the
inside of the network too, so I long ago configured reverse
lookup for private addresses on my internal DNS servers).
Kurt Erik Lindqvist wrote:
Say again?
Where are all these bogus requests to reverse lookup an RFC1918 address
coming from?
There are a hell of a lot traceroutes going on then...
Also note that at least at i.root there are a lot more queries with
src addresses being RFC1918. This is the same for f.root as far as I
can remember.
display purposes; this reverse lookup fails on the local DNS server and
might end up in one of the roots.
Well, as for the reverse lookup it should end up with one of the AS112
servers as the in-addr.arpa zones have been delegated.
However, if a reverse lookup zone (1.168.192.in-addr.arpa in this case)
is configured in the DNS server that the host doing the traceroute is
using, and if the correct PTR is configured (1.1.168.192.in-addr.arpa
PTR cisco.arneill-py.sacrament.ca.us) the traceroute correctly
reverse-lookups the first hop and that request never ends up in a root
server. Also, it's faster because it does not waste 5 seconds timing
out
on the request.
I won't argue against you. Now, why don't people do this?
- - kurtis -
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.2
iQA/AwUBP4zadKarNKXTPFCVEQIk1gCg9wbLn6KW3um4Lg+BbyaBM3WO73QAn1AW
BnQMQ5eVfo1zHoprDRQkwFjG
=h//K
-----END PGP SIGNATURE-----