Dns-operations mailing list

[mercificator AT gmx.com]

Hi Julien, I think I can query your server!

; <<>> DiG 9.9.5-3ubuntu0.5-Ubuntu <<>> www.gmail.com @51.254.217.141
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41062
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 4, ADDITIONAL: 5

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;www.gmail.com.                 IN      A

;; ANSWER SECTION:
www.gmail.com.          86370   IN      CNAME   mail.google.com.
mail.google.com.        172770  IN      CNAME   googlemail.l.google.com.
googlemail.l.google.com. 270    IN      A       216.58.211.101

;; AUTHORITY SECTION:
google.com.             172770  IN      NS      ns3.google.com.
google.com.             172770  IN      NS      ns1.google.com.
google.com.             172770  IN      NS      ns4.google.com.
google.com.             172770  IN      NS      ns2.google.com.

;; ADDITIONAL SECTION:
ns1.google.com.         172770  IN      A       216.239.32.10
ns2.google.com.         172770  IN      A       216.239.34.10
ns3.google.com.         172770  IN      A       216.239.36.10
ns4.google.com.         172770  IN      A       216.239.38.10

;; Query time: 57 msec
;; SERVER: 51.254.217.141#53(51.254.217.141)
;; WHEN: Thu Oct 22 21:34:49 CEST 2015
;; MSG SIZE  rcvd: 247




> Sent: Tuesday, October 20, 2015 at 5:33 PM
> From: "Julien Sansonnens" <julien AT jsansonnens.ch>
> To: dns-operations AT lists.opennicproject.org
> Subject: [opennic-dns-operations] Hi, and some troubles...
>
> Hi everybody,
> 
> I have been interested with opennic for quite a long time, and some
> days ago I decieded to run a public T2 dns server.
> I'm a system administrator from Switzerland, 35 yo, and I use debian
> linux. My motivations in helping opennic are both technical and
> ideological.
> 
> I operate a T2 server @pluton.zaledia.com (51.254.217.141), and I
> experienced some troubles with the process.
> 
> 1. I tried to add my server under http://servers.opennicproject.org/,
> but was not able to do it. Here is the output:
> 
> Warning: ldap_add(): Add: Other (e.g., implementation specific) error
> in /home/opennicproject.org/http/servers/_edit.php on line 298
> 
> Warning: Cannot modify header information - headers already sent by
> (output started at
> /home/opennicproject.org/http/servers/_edit.php:298) in
> /home/opennicproject.org/http/servers/_edit.php on line 303
> 
> 2. I'm not sure about the iptables rules to help mitigate DDOS. I
> added some rules based on those:
> http://wiki.opennicproject.org/Tier2Security
> Now, I can query my dns server from my home system, but
> http://report.opennicproject.org/t2log/test.php cannot access it.
> Maybe my rules are a bit too agressive ? Are you guys able to query my
> server ? Do you have some recommended rules that are not listed on the
> wiki ?
> 
> Best regards, Julien
> 
> ----
> To unsubscribe, email dns-operations-unsubscribe AT lists.opennicproject.org
>