On Fri, 20 Apr 2018, Glenn English wrote: > On Thu, Apr 19, 2018 at 11:44 PM, Francois Gouget <fgou...@free.fr> wrote: > > > Are DNS servers banning queries from some residential addresses or > > something like this? > > I'm banning some, off and on, (I see massive hits from all over the > globe on my DNS server -- ~100K hits a day above my rate limit). Have > you tried to ping that unresponsive one to see if it's alive? Or a TCP > Telnet connection to its port 53?
Indeed I cannot ping their DNS server (210.143.111.171) but I just thought they blocked ICMP. However I noticed I can in fact ping it from another host so I did a traceroute and the packets get blocked at the penultimate hop: $ traceroute -n 210.143.111.171 traceroute to 210.143.111.171 (210.143.111.171), 30 hops max, 60 byte packets [...] 21 60.37.54.202 296.022 ms 60.37.54.198 278.166 ms 122.1.245.126 274.472 ms 22 122.1.246.106 270.430 ms 275.228 ms 122.1.246.110 277.430 ms 23 211.0.221.30 273.257 ms 279.265 ms 277.767 ms 24 * * * On the other host the traceroute finishes with: 19 60.37.54.202 158.630 ms 122.1.245.130 161.021 ms 122.1.245.126 154.684 ms 20 122.1.246.110 147.979 ms 122.1.246.106 149.896 ms 122.1.246.110 155.476 ms 21 211.0.221.30 156.153 ms 144.694 ms 148.812 ms 22 210.143.111.171 156.433 ms 156.363 ms 159.304 ms > Is it possible that you've exceeded their rate limit? I have a script that would try to resolve the maibokun.com hostname once a day and the TTL on that appears to be 83334. So I would end up accessing their name server once a day. Of course now that it's not working and I have tried to figure out what's going on it's been quite a bit more. -- Francois Gouget <fgou...@free.fr> http://fgouget.free.fr/ May your Tongue stick to the Roof of your Mouth with the Force of a Thousand Caramels.
