Re: Problems with NS*.worldnic.com

["Steven M. Bellovin" <smb () cs columbia edu>]

In message <Pine.GSO.4.58.0504261351530.6246 () sharpie argfrp us uu net>, "Christ
opher L. Morrow" writes:
> On Tue, 26 Apr 2005, Randy Bush wrote:
>
> > lots of folk sent email to me and not the list.  most report
> > worldnic responding with tcp 53 and not udp.  would love to
> > hear confirmation on list.  can think of a number of causes,
> > one possible, but just a stab in the dark, would be an
> > intentional hack as a defense to a spoofed-ip attack.
> >
> > what are some names known to be hosted on worldnic?
>
> we had problems reported with:
>
> www.calairmail.com
> www.holidaycardwebsite.com
>
> I did some poking around lastnight with dig and some local unix hosts that
> I hadn't tried this before on and got no change to tcp :( (so no truncate
> and returned results via UDP) though today I see:
>
> morrowc@iad1-srv02:~$ dig www.holidaycardwebsite.com. @ns7.worldnic.com
> ;; Truncated, retrying in TCP mode.
>
> and failures (which is PROBABLY my silly iptables config...)
>
> morrowc@iad1-srv02:~$ dig www.holidaycardwebsite.com. @ns8.worldnic.com
>
> ; <<>> DiG 9.2.2rc1 <<>> www.holidaycardwebsite.com. @ns8.worldnic.com
> ;; global options:  printcmd

> interesting that both servers aren't doing the same thing?
Both work for me, from two different places, one of which has v6 
connectivity and one of which doesn't.

                --Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb