Interestingly, 1.1.1.1, which is Cloudflare's famous public DNS
resolver, is not included in that list of IPv4 addresses:
IP Ranges | Cloudflare
https://www.cloudflare.com/ips/
Their main reference page (above) doesn't seem to mention it, but I
wonder if it might be prudent to whitelist it as well (in addition to
Cloudflare's official list) to ensure smoother operations overall.
> Hello,
>
> I believe you can enumerate cloudflare IPs via :
>
> https://www.cloudflare.com/ips-v4
> https://www.cloudflare.com/ips-v6
>
> It's likely an overfit situation (not just resolvers), but it's something.
>
> -tony
>
> On 12/2/23 21:57, Arne Jensen via mailop wrote:
> > Always happy to help! And wauh, times flies by these days...
> >
> > First of all - I completely agree with you, that several things could be
> > better here ;-).
> >
> > Taking the four major ones, the top list, from best to worst, might be
> > like:
> >
> > 1. OpenDNS
> > 2. Google
> > 3. Quad 9/PCH
> > 4. Cloudflare
> >
> > Given your mention of "internal documentation", maybe there could be
> > something more for you to document, if you haven't already:
> >
> > Google does, as mentioned previously, document their resolver
> > infrastructure on the Web, contrary to many others, but also with a JSON:
> >
> > -> API/JSON: https://www.gstatic.com/ipranges/publicdns.json
> >
> > OpenDNS is also documenting theirs, and also have PTR on the outgoing
> > resolver IP, but unfortunately, the PTR **doesn't always** point to one
> > of their OpenDNS.* domain names, which could be confusing:
> >
> > Reaching OpenDNS Copenhagen:
> > - 146.112.135.70 (r7.compute.cph1.edc.strln.net)
> > - 2a04:e4c0:17::73 (r10.compute.cph1.edc.strln.net)
> >
> > Reaching OpenDNS London:
> > - 208.69.34.73 (m53.lon.opendns.com)
> > - 2a04:e4c0:10::91 (r3.compute.lon1.edc.strln.net)
> >
> > It is however consistent with their locations as retrieved from here:
> >
> > -> Web: https://www.opendns.com/data-center-locations/
> > -> JSON:
> > https://umbrella-dns-requests.marketops.umbrella.com/api/data-center-locations
> >
> > Currently, it seems very much a hit and miss, mostly miss, when reaching
> > any IP address with PTR records, through Quad 9. I haven't ever seen
> > Quad 9 document it like OpenDNS or Google.
> >
> > With Cloudflare, I've never see any of their outbound resolver IP
> > addresses have any PTR records. I haven't ever seen Cloudflare document
> > it like OpenDNS or Google.
> >
> > With the above possible ways to retrieve the OpenDNS and Google data,
> > you have the option to automate e.g. a weekly update of their resolver
> > addresses, if you feel for something like that in any way. ;)
> >
>
> _______________________________________________
> mailop mailing list
> mailop@mailop.org
> https://list.mailop.org/listinfo/mailop
--
Postmaster - postmas...@inter-corporate.com
Randolf Richardson - rand...@inter-corporate.com
Inter-Corporate Computer & Network Services, Inc.
Vancouver, British Columbia, Canada
https://www.inter-corporate.com/
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
