24 Nov
2020
24 Nov
'20
6:54 a.m.
Marius,
Please see the wiki again - I believe you missed an important part:
"44/8 hosts may use as recursive/Client DNS servers"
A late Silent Key dear to all of us told me - and I think we discussed it recently, that
Internet traffic on AMPRGW should be reduced. One method is to not allow the public side
of an AMPR gateway to reach the 44-side of another - as that uses AMPRGW when there should
be a perfectly good route directly to their 44 subnet.
It's my understanding all of our recursive DNS servers are configured like this - if
this is a problem for others too, I will consider allowing your IPENCAP public IPs by
firewall rule to use DNS.
73,
- Lynwood
KB3VWG
PS: That late SK also suggested I'd not open the DNS to public IPs.
-----Original Message-----
From: Marius Petrescu <marius(a)yo2loj.ro>
To: AMPRNet working group <44net(a)mailman.ampr.org>
Cc: lleachii(a)aol.com
Sent: Tue, Nov 24, 2020 5:15 am
Subject: Re: [44net] Non-stop DNS requests
It is, if one sets 44.60.44.3 as a DNS server on any router. It does not
need to be MikroTik.
Marius, YO2LOJ
On 24.11.2020 11:29, lleachii--- via 44Net wrote:
All,
Can the operator of 44.178.0.0/30 contact me off thread and/or reconfigure their
gateway's public 93.123.xxx.xxx address - as to stop sending incessant DNS requests.
This traffic is blocked at my firewall and using the resources of AMPRGW.
As an FYI and reminder, operators should use 44net IPs to access the DNS service.
(times UTC)
09:06:20.787664 IP (tos 0x0, ttl 44, id 61193, offset 0, flags [none], proto UDP (17),
length 64)
93.123.xxx.xxx.5678 > 44.60.44.3.53: [udp sum ok] 42486+ A? cloud.mikrotik.com.
(36)
09:06:21.788026 IP (tos 0x0, ttl 44, id 52880, offset 0, flags [none], proto UDP (17),
length 64)
93.123.xxx.xxx.5678 > 44.60.44.3.53: [udp sum ok] 42486+ A? cloud.mikrotik.com.
(36)
09:06:22.788096 IP (tos 0x0, ttl 44, id 40377, offset 0, flags [none], proto UDP (17),
length 64)
93.123.xxx.xxx.5678 > 44.60.44.3.53: [udp sum ok] 42486+ A? cloud.mikrotik.com.
(36)
09:06:23.792789 IP (tos 0x0, ttl 44, id 52426, offset 0, flags [none], proto UDP (17),
length 64)
93.123.xxx.xxx.5678 > 44.60.44.3.53: [udp sum ok] 42486+ A? cloud.mikrotik.com.
(36)
09:06:24.787615 IP (tos 0x0, ttl 44, id 8877, offset 0, flags [none], proto UDP (17),
length 64)
93.123.xxx.xxx.5678 > 44.60.44.3.53: [udp sum ok] 42486+ A? cloud.mikrotik.com.
(36)
Is this the normal behavior of a MikroTik device?
73,
- Lynwood
KB3VWG
_________________________________________
44Net mailing list
44Net(a)mailman.ampr.org
https://mailman.ampr.org/mailman/listinfo/44net