On 24/12/14 17:08, Frank Bulk wrote:
Except queries from 96.31.0.5 and 199.120.69.24 reliably return the
while queries from 96.31.0.20 do not. And we're all the same ISP, and in
the one case, from the same /24. I don't think Google is that granular. And
we do have good IPv6 connectivity.
Phil,
I'm embarrassed that I didn't check that file earlier. Yes, those four DNS
resolvers sitting behind the load-balancer use 96.31.0.20:
mail1:~# dig -t txt o-o.myaddr.l.google.com +short
96.31.0.20
mail1:~#
It's been many moons since that backlist has been brought up, and when I
opened a
On 2014/12/23 21:33, Frank Bulk wrote:
So the question seems to come down to: why does Google's name server not
return the when I query it from some IPs?
Didn't google have some kind of ISP whitelisting for handing out s?
Ah yes... https://developers.google.com/speed/public-dns/faq
Except queries from 96.31.0.5 and 199.120.69.24 reliably return the
while queries from 96.31.0.20 do not. And we're all the same ISP, and in
the one case, from the same /24. I don't think Google is that granular. And
we do have good IPv6 connectivity.
Regards,
Frank Bulk
-Original
I would suspect that the instance of the google servers you are talking
to has a bad copy of l.google.com. The serial in the soa records is
1577052. I currently see 1577063.
There is also a possibilty that you are getting spoofed answers by as
the zone is not signed there is no way to know.
I dumped the database of one failing server and found this entry:
; authauthority
ghs.l.google.com. 331 \- ;-$NXRRSET
; l.google.com. SOA ns4.google.com. dns-admin.google.com. 1577084 900 900
1800 60
; authanswer
289 A 74.125.201.121
;
What does
In message 001301d01f06$aa1c7180$fe555480$@iname.com, Frank Bulk writes:
I dumped the database of one failing server and found this entry:
; authauthority
ghs.l.google.com. 331 \- ;-$NXRRSET
; l.google.com. SOA ns4.google.com. dns-admin.google.com. 1577084 900 900
1800 60
;
Thanks, Mark.
When I queried for the of ghs.l.google.com from ns[1-4].google.com the
Google servers reported they don't do recursive queries. Which Google
namserver does in fact carry the authoritative records for ghs.l.google.com?
On a side note, I thought that Google's DNS servers were
In message 001e01d01f0e$980b6070$c8222150$@iname.com, Frank Bulk writes:
Thanks, Mark.
When I queried for the of ghs.l.google.com from ns[1-4].google.com the
Google servers reported they don't do recursive queries.
Why would you expect them to offer recursion? They don't need to for
So the question seems to come down to: why does Google's name server not
return the when I query it from some IPs?
==
dig +norecurse ghs.l.google.com @ns1.google.com
; DiG 9.7.3 +norecurse ghs.l.google.com @ns1.google.com
;; global options: +cmd
;;
10 matches
Mail list logo