swinog

swinog@lists.swinog.ch

2934 discussions

Google Safe Browsing vs DNS TCP reply
by Guy Baconniere 09 Jul '09

09 Jul '09

Hello, safebrowsing-cache.google.com is checked from both Google Toolbar included by default in Firefox 3 and on Google Chrome Navigator. Google Toolbar is also available on IE, etc. When the query reaches the DNS of the ISP it will reply with a DNS TCP reply if minimal-responses is no (default on Bind9) or with a small UDP DSN reply if minimal-responses is yes. I recommend that all ISP use minimal-responses yes or equivalent on their DNS server. This will save bandwidth and avoid DNS TCP … [View More]reply to be blocked in a Firewall in the path. Best Regards, Guy Baconniere http://www.divideandconquer.se/2009/06/25/firefox-30-freezes-waiting-to-res… Add “minimal-responses yes;” in your bind9 configuration or ask your ISP to do so. /etc/bind/named.conf.options options { // … // only add records to the authority and additional data sections when required minimal-responses yes; }; By doing this Google’s safebrowsing-cache.google.com will fit in a standard UDP DNS packet otherwise with additional section it will be TCP DNS packet. check the result with or without minimal-responses of dig safebrowsing-cache.google.com With minimal-responses no (default on Bind9) IP (tos 0×0, ttl 64, id 40627, offset 0, flags [none], proto UDP (17), length 75) 127.0.0.1.49553 > 127.0.0.1.53: [bad udp cksum 6429!] 40815+ A? safebrowsing-cache.google.com. (47) IP (tos 0×0, ttl 64, id 40628, offset 0, flags [none], proto UDP (17), length 526) 127.0.0.1.53 > 127.0.0.1.49553: 40815| q: A? safebrowsing-cache.google.com. 25/2/0 safebrowsing-cache.google.com.[|domain] IP (tos 0×0, ttl 64, id 4337, offset 0, flags [DF], proto TCP (6), length 60) 127.0.0.1.57552 > 127.0.0.1.53: S, cksum 0×30e4 (correct), 272739230:272739230(0) win 32792 IP (tos 0×0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60) 127.0.0.1.53 > 127.0.0.1.57552: S, cksum 0×6453 (correct), 281541131:281541131(0) ack 272739231 win 32768 IP (tos 0×0, ttl 64, id 4338, offset 0, flags [DF], proto TCP (6), length 52) 127.0.0.1.57552 > 127.0.0.1.53: ., cksum 0×4b76 (correct), 1:1(0) ack 1 win 513 IP (tos 0×0, ttl 64, id 4339, offset 0, flags [DF], proto TCP (6), length 101) 127.0.0.1.57552 > 127.0.0.1.53: P 1:50(49) ack 1 win 513 5198+[|domain] IP (tos 0×0, ttl 64, id 16739, offset 0, flags [DF], proto TCP (6), length 52) 127.0.0.1.53 > 127.0.0.1.57552: ., cksum 0×4b46 (correct), 1:1(0) ack 50 win 512 14:44:32.883449 IP (tos 0×0, ttl 64, id 16740, offset 0, flags [DF], proto TCP (6), length 632) 127.0.0.1.53 > 127.0.0.1.57552: P 1:581(580) ack 50 win 512 5198 q:[|domain] IP (tos 0×0, ttl 64, id 4340, offset 0, flags [DF], proto TCP (6), length 52) 127.0.0.1.57552 > 127.0.0.1.53: ., cksum 0×48ef (correct), 50:50(0) ack 581 win 531 IP (tos 0×0, ttl 64, id 4341, offset 0, flags [DF], proto TCP (6), length 52) 127.0.0.1.57552 > 127.0.0.1.53: F, cksum 0×48ee (correct), 50:50(0) ack 581 win 531 IP (tos 0×0, ttl 64, id 16741, offset 0, flags [DF], proto TCP (6), length 52) 127.0.0.1.53 > 127.0.0.1.57552: F, cksum 0×4900 (correct), 581:581(0) ack 51 win 512 IP (tos 0×0, ttl 64, id 4342, offset 0, flags [DF], proto TCP (6), length 52) 127.0.0.1.57552 > 127.0.0.1.53: ., cksum 0×48ed (correct), 51:51(0) ack 582 win 531 With minimal-responses yes IP (tos 0×0, ttl 64, id 40623, offset 0, flags [none], proto UDP (17), length 75) 127.0.0.1.40215 > 127.0.0.1.53: [bad udp cksum 8a13!] 55747+ A? safebrowsing-cache.google.com. (47) IP (tos 0×0, ttl 64, id 40624, offset 0, flags [none], proto UDP (17), length 494) 127.0.0.1.53 > 127.0.0.1.40215: 55747 q: A? safebrowsing-cache.google.com. 25/0/0 safebrowsing-cache.google.com.[|domain] Best Regards, Guy Baconniere [View Less]

3 4

Bluewin MX caching problem
by Mathias Schrem 08 Jul '09

08 Jul '09

Hi everybody Can a Bluewin postmaster contact me off-list please? Cheers Mathias

1 0

looking for dslam
by Reza Kordi 07 Jul '09

07 Jul '09

Hi Guys I am looking for a DSLAM with a small footprint that is supported and tested with Cisco cpe's appreciate any hints. Cheers, Reza

1 0

OT: network connection 500 - 1000m
by Daniel Kamm 07 Jul '09

07 Jul '09

Dear networkers, I have an off-topic network problem, but some ppl here might help me. I need to build an IP network line from the middle of a construction site to an internet connection place for a one-time event. The distance is around 500 - 1000m. No line of sight and therefore directed WLAN will not work without several relays. At the moment I'm thinking of using a copper line and some old fashioned 1MBit lease line modems. Do you have other ideas of getting this to work or may have … [View More]

6 5

ID4214468 C-A-N-A-D-l-A-N P-H-A-R-M-A-C-Y
by swinog-list 06 Jul '09

06 Jul '09

1 0

Request for school presentation on "the internet"
by Norbert Bollow 02 Jul '09

02 Jul '09

Hi, my 13 year old son will be giving a talk tomorrow in school about "the internet". He has decided to focus in the talk on the technical side, like fundamental principles of how DNS resolution works. He has asked me if I could help him find some datacenter-type equipment that he can show off to the other students in his class. For example some rackmount device and a bit of optical fibre, if possible. There is no need for the stuff to be in working order. Since the talk is tomorrow, we'… [View More]

2 1

SwiNOG-BE75 - Beer Event 75 - 6th of July 2009 @ el Lokal / Zurich
by Roman Hochuli 30 Jun '09

30 Jun '09

hi everybody as steven is on holiday i am taking over his job. please find below the announcement for the next beer event: the facts for the next event: ----------------------------- Date: 6th of July 2009 Time: starting around 18.30 o'clock Location: @ the "el Lokal" (Gessner-Allee 11) in ZH (www.ellokal.ch) Registration deadline: 06.07.2009 12:00:00 ------------- Please register here: http://swinog.mrmouse.ch/ since we have to make … [View More]

1 0

New IP Range
by Xaver Aerni 26 Jun '09

26 Jun '09

Hello, We have since begin of this mount a new IP Rage /24. Our Mailservers has the IP Adresses 91.209.98.30 - 91.209.98.40. Some of the IP are now used other in Reserve. I think the IP Range was before we received it blacklistet on different systems. We was happy when the ISP like bluewin.ch can withelist this range... The old Range 195.141.232.70/24 we will give back to ripe. Greetings Xariffusion Informatik & Telecom X. Aerni Xariffusion Informatik & Telecom Administration Zü… [View More]

1 0

Orangemail
by Xaver Aerni 26 Jun '09

26 Jun '09

Hello, Cold an Administrator from ornagemail me contact offline. Greetings Xaver ********************************************** Xaver Aerni Zürichstrasse 10a 8340 Hinwil Tel. 001 707 361 68 39

1 0

Fwd: Imminent closure of SORBS.
by Matthias Leisi 23 Jun '09

23 Jun '09

For those of you running some anti-spam solution, watch out for SORBS disappearing. Amongst other products, it's part of a default SpamAssassin config. -- Matthias -------- Original-Nachricht -------- Betreff: Imminent closure of SORBS. Datum: Mon, 22 Jun 2009 12:26:39 +1000 Von: Michelle Sullivan <michelle_s-news(a)sorbs.net> Organisation: Spam and Open Relay Blocking System Newsgruppen: news.admin.net-abuse.email All, Please feel free to forward this message to any other location/… [View More]

4 5

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

swinog