AKLUG Archive: [aklug] Re: GCI DNS servers

From: Royce Williams <royce@alaska.net>
Date: Tue Jan 29 2008 - 08:40:43 AKST

barsalou wrote, on 1/29/2008 8:22 AM:
>> Some interesting references:
>>
>> 98% of DNS Queries at the Root Level are Unnecessary
>> http://www.sciencedaily.com/releases/2003/01/030124074245.htm
>>
>> Is Your Caching Resolver Polluting the Internet?
>> http://dns.measurement-factory.com/writings/wessels-netts2004-slides.pdf
>>
>> DNS Measurements at a Root Server
>> http://www.caida.org/outreach/papers/2001/DNSMeasRoot/dmr.pdf
>
> Royce, Have you used or are you using dnstop?

Definitely. An excellent tool. I have noticed that leaving it
running on some OSes can cause a bit of system load.

I haven't used the other tools that the Measurement Factory guy
mentions (DSC).

> Looks like an interesting tool. Where are the links to fix these
> problems? Maybe I missed it in the text?

The recommendations that I found most helpful were in the article that
I have yet to locate. :)

In a general sense, using your ISP's servers should reduce load on the
roots, and you also benefit from a significant shared cache. Auditing
your zones with the dnstop '-l' option set to 3 or 4 (or more) and
then switching to the query view depth (Alt-3, Alt-4, etc.) will
reveal a lot about what queries you're making.

royce@heffalump$ sudo dnstop -l 5 [interface name]

Seeing a bunch of queries like this means that your resolver is trying
to look up

hostname 34
hostname.mydefaultdomain.org 34
anotherhost 23
anotherhost.mydefaultdomain.org 23

Seeing lots of bogus domains or un-fully-qualified hosts means that
your internal servers are leaking requests for their siblings:

wpad 113 0.6
local 107 1.5
mom 102 0.5
belkin 24 0.3

And the Measurement Factory guys have some built-in filters for bad
queries:

Available filters:
        unknown-tlds
        A-for-A
        rfc1918-ptr

Royce

-- 
Royce D. Williams                                - IP Engineering, ACS
http://www.tycho.org/royce/                   - PGP: 3FC087DB/1776A531
   Man is born to live, not to prepare for life.  - Boris Pasternak
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.

Received on Tue Jan 29 08:41:20 2008

This archive was generated by hypermail 2.1.8 : Tue Jan 29 2008 - 08:41:20 AKST