2010/11/29 Simon Kelley <si...@thekelleys.org.uk>: > On 29/11/10 19:30, Nicholas Weaver wrote: > >> RFC3597 specifically states how they should be handled (as opaque >> binary data which is passed unchanged), but almost all fail to process >> our request for a made-up type (type # 169). >> >> a) Could someone run Netalyzr against a NAT running the latest >> Dnsmasq code and send me the result link? > > OK, I just did this, and got the error. > > Your NAT has a built-in DNS proxy. We sent it a DNS request and our > server received it from 62.253.128.100. > Some or all specialized DNS types checked are not properly interpreted > by the NAT's DNS proxy. The following tested queries were blocked/failed: > > * RTYPE=169 (deliberately unknown) records. > > > 62.253.128.100 is cmbg-dnsany-1.server.virginmedia.net. which makes > sense, as my ISP is viginmedia. I'm very sure that a query for RTYPE=169 > will have been forwarded Ok by dnsmasq, so maybe the problem is at the > ISP end? >
I would also guess it's not only a problem of broken dns proxys, but also "cleaning" provider server. dnsmasq is fine. From an dnsmasq 2.52 with it's own powerdns recurser, i get all green lights (OK, besides that i filter ad.doubleklick.net, but who wants to talk to _them_, anyway). [snip] > > Cheers, > > Simon. > > Greetings Jan -- Murphy's Law of Combat Rule #3: "Never forget that your weapon was manufactured by the lowest bidder"