On Sun, Aug 10, 2008 at 1:42 AM, Tony E - Jaraeth
<
jaraeth@phoenixwing.com> wrote:
> I have a crap load of systems in my apartment and use Cox with no
> problems. I run a linux file server with BIND for dns, since I have my
> internal network setup with DNS for 192.168.* addresses. I use my
> firewall/router for backup DNS which uses Cox. I've not had a problem
> running BIND, nor any problems when defaulting to Cox so far
>
> Regards,.
>
> Tony E
> "Raptus regaliter"
> jaraeth@phoenixwing.com
> http://www.phoenixwing.com/
>
>
>
> James Mcphee wrote:
>> If you're experiencing issues, then set up a job to query Cox and
>> Qwest's and whoever's DNS servers at the same time and log it. See if
>> you're seeing a trend. It could just be your connection.
>>
>> On Sun, Aug 10, 2008 at 12:07 AM, Craig White <craigwhite@azapple.com
>> <mailto:craigwhite@azapple.com>> wrote:
>>
>> On Sat, 2008-08-09 at 23:39 -0700, Technomage Hawke wrote:
>> > Over the last few weeks, I have noticed an increasing number of
>> > customer calls about network outages. Now on the surface, this might
>> > not seem all that relevant, However, these issues are not just
>> windows
>> > centric.
>> >
>> > I have discovered a pattern to the outage problems I have been
>> > troubleshooting. it seems that cox is filtering dns traffic to
>> anyone
>> > outside their own ip space. any attempt to use a DNS root server or
>> > even the ASUdns servers results in many pages not being resolved. as
>> > soon as I set for the cox dns servers, all seems to work again.
>> >
>> > anyone else noticing this "filtering" on cox's part?
>> ----
>> no - it makes no sense, you can always test your theory out at any
>> time
>> you want by running commands such as dig and host and if you really
>> care, you could run your own caching dns server which would obviously
>> need to access other dns servers to be worthwhile.
>>
>> Craig
>>
check /etc/resolv.conf for the dns you are using - dhcp will
rewrite/prepend this file if your lease includes dns servers (most do)
if there are delays - check that the first & second nameserver entries
are reachable - network timeout delays are the most likely delay that
you might notice. then you can compare how either sets of servers work
for you.
If you run your own cache, it is time to patch to the latest dns
server and get ready for DNSSEC, it will be required soon. The recent
security problem was based on a session intercept (I think, could be
wrong) so you may have folks seeing incomplete man-in-the-middle
attacks? outside of your ISP's network.
Anybody able to describe what the new DNS attack would look like to a
user/in the logs?
Ed
---------------------------------------------------
PLUG-discuss mailing list -
PLUG-discuss@lists.plug.phoenix.az.us
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
(text/plain)