I am running djbdns and my own root-server (tinydns) on my laptop. To axfr the root and some other zones, I use port 3001 (Cesidian Root). With cloned (not actually slaved) zones I have no problem at all but others might still get me. I have seen the Mac can use things like nameserver 192.168.208.228:3001 in his /etc/resolv.conf, linux cannot. That is why I have not tried. Anyhow there are not many open resolvers on port 3001. You can run bind on your laptop (even with windows). I dont know if you can tell it to use other ports than 53 for the forwarders - but you have the source. Dig can do it. In case you need ip-addresses for djbdns, try ifconfig lo:1 127.0.1.16 netmask 255.255.255.0 ifconfig lo:1 127.0.2.16 netmask 255.255.255.0 Now you have enough ip-addresses to run dnscache, tinydns and axfrdns on one and the same laptop, even when your ip-address to the wlan is constantly changeing. Cheers Peter and Karin Suresh Ramasubramanian wrote:
Right now, I'm on a swisscom eurospot wifi connection at Paris airport, and this - yet again - has a DNS proxy setup so that the first few queries for a host will return some nonsense value like 1.2.3.4, or will return the records for com instead. Some 4 or 5 minutes later, the dns server might actually return the right dns record.
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25634 ;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 11 ;; QUESTION SECTION: ;www.kcircle.com. IN A ;; AUTHORITY SECTION: com. 172573 IN NS j.gtld-servers.net. com. 172573 IN NS k.gtld-servers.net.
[etc] ;; Query time: 1032 msec ;; SERVER: 192.168.48.1#53(192.168.48.1) ;; WHEN: Sat Feb 3 11:33:07 2007 ;; MSG SIZE rcvd: 433
They're not the first provider I've seen doing this, and the obvious workarounds (setting another NS in resolv.conf, or running a local dns caching resolver) dont work either as all dns traffic is proxied. Sure I could route dns queries out through a ssh tunnel but the latency makes this kind of thing unusable at times. I'm then reduced to hardwiring some critical work server IPs into /etc/hosts
What do nanogers usually do when caught in a situation like this?
thanks srs
-- Peter and Karin Dambier Cesidian Root - Radice Cesidiana Rimbacher-Strasse 16 D-69509 Moerlenbach-Bonsweiher +49(6209)795-816 (Telekom) +49(6252)750-308 (VoIP: sipgate.de) mail: peter@peter-dambier.de mail: peter@echnaton.serveftp.com http://iason.site.voila.fr/ https://sourceforge.net/projects/iason/ http://www.cesidianroot.com/