-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >>> - Do not flood root servers with reverse lookup queries for >>> private addresses (I want my traceroutes to work on the >>> inside of the network too, so I long ago configured reverse >>> lookup for private addresses on my internal DNS servers). > >> Kurt Erik Lindqvist wrote: >> Say again? > > Where are all these bogus requests to reverse lookup an RFC1918 address > coming from? There are a hell of a lot traceroutes going on then... Also note that at least at i.root there are a lot more queries with src addresses being RFC1918. This is the same for f.root as far as I can remember. > display purposes; this reverse lookup fails on the local DNS server and > might end up in one of the roots. Well, as for the reverse lookup it should end up with one of the AS112 servers as the in-addr.arpa zones have been delegated. > However, if a reverse lookup zone (1.168.192.in-addr.arpa in this case) > is configured in the DNS server that the host doing the traceroute is > using, and if the correct PTR is configured (1.1.168.192.in-addr.arpa > PTR cisco.arneill-py.sacrament.ca.us) the traceroute correctly > reverse-lookups the first hop and that request never ends up in a root > server. Also, it's faster because it does not waste 5 seconds timing > out > on the request. I won't argue against you. Now, why don't people do this? - - kurtis - -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.2 iQA/AwUBP4zadKarNKXTPFCVEQIk1gCg9wbLn6KW3um4Lg+BbyaBM3WO73QAn1AW BnQMQ5eVfo1zHoprDRQkwFjG =h//K -----END PGP SIGNATURE-----