Re: [fw-wiz] Allowing DNS servers to operate behind NetScreen 500
From: Chuck Swiger (chuck@codefab.com)
Date: 02/17/03
- Previous message: Mike Scher: "Re: [fw-wiz] Allowing DNS servers to operate behind NetScreen 500"
- In reply to: Reckhard, Tobias: "RE: [fw-wiz] Allowing DNS servers to operate behind NetScreen 500"
- Next in thread: David Lang: "Re: [fw-wiz] Allowing DNS servers to operate behind NetScreen 500"
- Reply: David Lang: "Re: [fw-wiz] Allowing DNS servers to operate behind NetScreen 500"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Chuck Swiger <chuck@codefab.com> To: "'firewall-wizards@honor.ics..." <firewall-wizards@honor.icsalabs.com> Date: Mon, 17 Feb 2003 11:39:57 -0500
Reckhard, Tobias wrote:
[ ... ]
> I'd be interested in other, real-world reasons why DNS responses
> should be allowed to be over 512 bytes in size. Not out of
> opposition, but out of interest.
MX records for popular domains:
58-sec% dig aol.com. @pi.codefab.com. mx
; <<>> DiG 8.3 <<>> aol.com. @pi.codefab.com. mx
; (1 server found)
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 4, ADDITIONAL: 30
;; QUERY SECTION:
;; aol.com, type = MX, class = IN
;; ANSWER SECTION:
aol.com. 1H IN MX 15 mailin-02.mx.aol.com.
aol.com. 1H IN MX 15 mailin-03.mx.aol.com.
aol.com. 1H IN MX 15 mailin-04.mx.aol.com.
aol.com. 1H IN MX 15 mailin-01.mx.aol.com.
;; AUTHORITY SECTION:
aol.com. 1H IN NS dns-01.ns.aol.com.
aol.com. 1H IN NS dns-02.ns.aol.com.
aol.com. 1H IN NS dns-06.ns.aol.com.
aol.com. 1H IN NS dns-07.ns.aol.com.
;; ADDITIONAL SECTION:
mailin-02.mx.aol.com. 5M IN A 64.12.136.89
mailin-02.mx.aol.com. 5M IN A 64.12.136.121
mailin-02.mx.aol.com. 5M IN A 64.12.137.89
mailin-02.mx.aol.com. 5M IN A 64.12.137.184
mailin-02.mx.aol.com. 5M IN A 64.12.138.89
mailin-02.mx.aol.com. 5M IN A 64.12.138.120
mailin-03.mx.aol.com. 5M IN A 64.12.136.217
mailin-03.mx.aol.com. 5M IN A 64.12.136.249
mailin-03.mx.aol.com. 5M IN A 64.12.137.121
mailin-03.mx.aol.com. 5M IN A 64.12.137.152
mailin-03.mx.aol.com. 5M IN A 64.12.138.57
mailin-03.mx.aol.com. 5M IN A 64.12.138.120
mailin-04.mx.aol.com. 5M IN A 152.163.224.122
mailin-04.mx.aol.com. 5M IN A 64.12.136.153
mailin-04.mx.aol.com. 5M IN A 64.12.137.121
mailin-04.mx.aol.com. 5M IN A 64.12.137.152
mailin-04.mx.aol.com. 5M IN A 64.12.138.89
mailin-04.mx.aol.com. 5M IN A 205.188.156.154
mailin-04.mx.aol.com. 5M IN A 64.12.138.152
mailin-01.mx.aol.com. 5M IN A 152.163.224.26
mailin-01.mx.aol.com. 5M IN A 64.12.136.57
mailin-01.mx.aol.com. 5M IN A 205.188.156.122
mailin-01.mx.aol.com. 5M IN A 64.12.137.89
mailin-01.mx.aol.com. 5M IN A 64.12.137.184
mailin-01.mx.aol.com. 5M IN A 64.12.138.57
mailin-01.mx.aol.com. 5M IN A 64.12.138.152
dns-01.ns.aol.com. 44m44s IN A 152.163.159.232
dns-02.ns.aol.com. 44m44s IN A 205.188.157.232
dns-06.ns.aol.com. 1d16h44m41s IN A 149.174.211.8
dns-07.ns.aol.com. 1d16h44m41s IN A 64.12.51.132
;; Total query time: 222 msec
;; FROM: sec.codefab.com to SERVER: pi.codefab.com. 12.38.161.140
;; WHEN: Sun Feb 16 19:07:29 2003
;; MSG SIZE sent: 25 rcvd: 699
-Chuck
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
- Next message: Chuck Swiger: "[fw-wiz] PKI-X, an OID, and FreeBSD...?"
- Previous message: Mike Scher: "Re: [fw-wiz] Allowing DNS servers to operate behind NetScreen 500"
- In reply to: Reckhard, Tobias: "RE: [fw-wiz] Allowing DNS servers to operate behind NetScreen 500"
- Next in thread: David Lang: "Re: [fw-wiz] Allowing DNS servers to operate behind NetScreen 500"
- Reply: David Lang: "Re: [fw-wiz] Allowing DNS servers to operate behind NetScreen 500"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
