Skip to Content.
Sympa Menu

dns-operations - Re: [opennic-dns-operations] T2 test script out of date/hard-coded?

dns-operations AT lists.opennicproject.org

Subject: Dns-operations mailing list

List archive

Re: [opennic-dns-operations] T2 test script out of date/hard-coded?


Chronological Thread  
    < Chronological >       < Thread >
  • From: Rouben <rouben AT rouben.net>
  • To: dns-operations AT lists.opennicproject.org
  • Subject: Re: [opennic-dns-operations] T2 test script out of date/hard-coded?
  • Date: Mon, 4 Apr 2022 12:09:20 -0400
Resurrecting this thread from 2019... for whitelisting/allow listing servers, what IP ranges are the checks run from?

I had to deanonymize my logs temporarily and track down the IPs querying my DNS server to determine (smtp.sourpuss.net, mx{3,5}.sourpuss.net).

Rouben


On Thu, Jul 25, 2019 at 8:13 PM Jeff Taylor <dns-operations AT lists.opennicproject.org> wrote:
Erg, can you tell it's been awhile since I've looked at this list?

I do in fact have a new script in process with much more comprehensive testing.  One thing I still need to update is some code that tracks which ICANN entries fail multiple servers and automatically remove them from the list.  This project also has the ability to generate a lot more data about any failures, and I'd like to have the option to output a JSON array with that info.

In the meantime you can feel free to test my progress here: https://servers.opennicproject.org/srvtest3/

Note there is currently no distinction between T1 and T2 servers, it expects all servers to resolve ICANN domains (which isn't always true with T1 servers).


On 02/12/2019 05:05 PM, bongobow (via dns-operations Mailing List) wrote:
IIRC the server that's doing the testing is located somewhere around
NC, USA, and some dns servers return geolocated responses, which make
testing like this not work at all.  I just tested the domain name you
mentioned from 3 different locations to 8.8.8.8 and received different
results for them all.  Shadow has said he'll update the script with
something bigger and better, but seems currently busy with other things.

~bongobow

On Tue, 12 Feb 2019 01:12:43 -0500
"Rouben" (via dns-operations Mailing List)
<dns-operations AT lists.opennicproject.org> wrote:


Hello,

The T2 test script at http://report.opennicproject.org/t2log/t2.php is
using perhaps older values (hard-coded?) for the
dig A www.abs.gov.au @51.255.211.146 +short
query. The results are consistently:
dig A www.abs.gov.au @51.255.211.146 +short

   - Recv: "" "52.85.255.36" "52.85.255.106" "52.85.255.3"
"52.85.255.254"
   - Expecting: "" "99.84.104.123" "99.84.104.54" "99.84.104.75"
   "99.84.104.95"

Running a similar query against 8.8.8.8 yields the same result:
dig @8.8.8.8 a www.abs.gov.au +short
d3kdffia80qe2y.cloudfront.net.
52.85.255.7
52.85.255.59
52.85.255.148
52.85.255.69

Rouben

----
To unsubscribe, email dns-operations-unsubscribe AT lists.opennicproject.org


Archive powered by MHonArc 2.6.24.

Top of Page