[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[public-dns-discuss] Re: ctripcorp.com



UG wrote:
one of mobile device at my work place is looking up for resolving "m.ctrip.uat.qa.nt.ctripcorp.com" (constantly)
but we see it's not resolving and hammering google public DNS servers constantly.

Thanks for your report, we have noticed this as well, but didn't have any way to identify the source. Can you provide any details on this mobile device, or any apps that it might have installed that are generating this traffic?
 
When I looked NS for ctripcorp.com, I noticed the NS are ns1.ctripcorp.com and ns2.ctripcorp.com and also have glue record pointing to google public DNS records.
 
Is this correct glue records? To me it doesn't look correct

No, these are not correct name server addresses; Google Public DNS does not provide authoritative DNS service. 
 
What can be done about this issue?

Turn off the mobile device? :-) Seriously though, Google Public DNS can't really do anything other than what it does now (return SERVFAIL). Forging an NXDOMAIN or NODATA response that could be cached could help caching resolvers that forward queries to Google Public DNS, but would prevent the domain owner from actually fixing their misconfiguration.

From the name, it seems like an internal corporate domain that is handled specially in their internal networks, but won't work on the outside Internet. In most cases, people doing that put an RFC 1918 private IPv4 address for the name server, but if they want to just disable resolution on the outside, putting any non-working IP address (including recursive resolvers like 8.8.8.8) has much the same effect, and doesn't potentially leak information about addresses used on their internal network. It's kind of dumb, but at Google's scale, the number of queries isn't really significant.

--
--
========================================================
You received this message because you are subscribed to the Google
Groups "public-dns-discuss" group.
To post to this group, send email to public-dns-discuss AT googlegroups.com
To unsubscribe from this group, send email to
public-dns-discuss+unsubscribe AT googlegroups.com
For more options, visit this group at
http://groups.google.com/group/public-dns-discuss
For more information on Google Public DNS, please visit
http://developers.google.com/speed/public-dns
========================================================
---
You received this message because you are subscribed to the Google Groups "public-dns-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to public-dns-discuss+unsubscribe AT googlegroups.com.
For more options, visit https://groups.google.com/d/optout.