On Tue, 26 Apr 2005, Randy Bush wrote:
> lots of folk sent email to me and not the list. most report > worldnic responding with tcp 53 and not udp. would love to > hear confirmation on list. can think of a number of causes, > one possible, but just a stab in the dark, would be an > intentional hack as a defense to a spoofed-ip attack. > > what are some names known to be hosted on worldnic? we had problems reported with: www.calairmail.com www.holidaycardwebsite.com I did some poking around lastnight with dig and some local unix hosts that I hadn't tried this before on and got no change to tcp :( (so no truncate and returned results via UDP) though today I see: [EMAIL PROTECTED]:~$ dig www.holidaycardwebsite.com. @ns7.worldnic.com ;; Truncated, retrying in TCP mode. and failures (which is PROBABLY my silly iptables config...) [EMAIL PROTECTED]:~$ dig www.holidaycardwebsite.com. @ns8.worldnic.com ; <<>> DiG 9.2.2rc1 <<>> www.holidaycardwebsite.com. @ns8.worldnic.com ;; global options: printcmd interesting that both servers aren't doing the same thing?