is there a list of public resolvers? e.g. 1.1.1.1, 4.4.4.4, 8.8.8.8, etc.?
we have a measurement set which contains a list of resolvers, some of which we suspect are intentionally open, some unintentionally open, and some not open. we are trying to filter that first set, the intentionally open.
the open resolver finders would seem not to meet our need. but, yes, it would be nice if they documented the intentional public open resolvers.
randy
Randy Bush wrote on 01/02/2021 18:16:
is there a list of public resolvers? e.g. 1.1.1.1, 4.4.4.4, 8.8.8.8, etc.?
https://public-dns.info/ ?
Nick
There are several good articles about the different ones out there and the level of filtering and response they can offer. I personally have been happy with Quad9's free DNS server (9.9.9.9) and the basic anti-bad stuff filtering it does. You get no reporting on what it blocks, but there are services (OpenDNS for example) out there you can pay for that offer reporting if needed.
Thank you,
Spencer
-----Original Message-----
From: NANOG <nanog-bounces+scoplin=f1techgroup.com@nanog.org> On Behalf Of Nick Hilliard
Sent: Monday, February 1, 2021 12:20 PM
To: Randy Bush <randy@psg.com>
Cc: North American Network Operators' Group <nanog@nanog.org>
Subject: Re: public open resolver list?
Randy Bush wrote on 01/02/2021 18:16:
is there a list of public resolvers? e.g. 1.1.1.1, 4.4.4.4, 8.8.8.8, etc.?
https://public-dns.info/ ?
Nick
is there a list of public resolvers? e.g. 1.1.1.1, 4.4.4.4, 8.8.8.8, etc.?
interesting, but probably too broad.
but i suspect my question was too broad.
we have a measurement set which contains resolvers, some of which we suspect are intentionally open, some unintentionally open, and some not open. we are trying to filter that first set, the intentionally open.
i suspect it hinges on what one thinks of as 'public'. i.e. dtag's servers for its customers is not what i think of as public. maybe i mean globally public or something.
randy, who clearly needs to think a bit more
On 10:49 01/02, Randy Bush wrote:
is there a list of public resolvers? e.g. 1.1.1.1, 4.4.4.4, 8.8.8.8, etc.?
interesting, but probably too broad.
but i suspect my question was too broad.
we have a measurement set which contains resolvers, some of which we suspect are intentionally open, some unintentionally open, and some not open. we are trying to filter that first set, the intentionally open.
i suspect it hinges on what one thinks of as 'public'. i.e. dtag's servers for its customers is not what i think of as public. maybe i mean globally public or something.
randy, who clearly needs to think a bit more
I don't know of an exhaustive list, but a while ago I collected these:
cloudflare: 1.1.1.1 1.0.0.1 2606:4700:4700::1111 2606:4700:4700::1001
comodo: 8.26.56.26 8.20.247.20
dyn: 216.146.35.35 216.146.36.36
google: 8.8.8.8 8.8.4.4 2001:4860:4860::8888 2001:4860:4860::8844
level3: 4.2.2.2 4.2.2.1
norton: 199.85.126.10 199.85.127.10
opendns: 208.67.222.222 208.67.220.220
quad9: 9.9.9.9 149.112.112.112 2620:fe::fe 2620:fe::9
ultradns: 156.154.71.1 156.154.70.1
Hugo
On Feb 1, 2021, at 12:19 PM, Nick Hilliard <nick@foobar.org> wrote:
Randy Bush wrote on 01/02/2021 18:16:
is there a list of public resolvers? e.g. 1.1.1.1, 4.4.4.4, 8.8.8.8, etc.?
There’s also a list of interesting resolvers at https://gist.github.com/roycewilliams/6cb91ed94b88730321ca3076006229f1
—Chris
Nearly all of those seem to error out. Is that a wishful thinking list?
Thank you,
Kevin McCormick
-----Original Message-----
From: NANOG <nanog-bounces+kmccormick=mdtc.net@nanog.org> On Behalf Of Chris Boyd
Sent: Monday, February 1, 2021 4:17 PM
To: North American Network Operators' Group <nanog@nanog.org>
Subject: Re: public open resolver list?
On Feb 1, 2021, at 12:19 PM, Nick Hilliard <nick@foobar.org> wrote:
Randy Bush wrote on 01/02/2021 18:16:
is there a list of public resolvers? e.g. 1.1.1.1, 4.4.4.4, 8.8.8.8, etc.?
There’s also a list of interesting resolvers at https://gist.github.com/roycewilliams/6cb91ed94b88730321ca3076006229f1
—Chris
Are all y’all allergic to Wikipedia or something?
https://en.wikipedia.org/wiki/Public_recursive_name_server
-Bill
Oh, Bill. If you’d use Wikipedia to check out Wikipedia, you’d be allergic too! :)
https://en.wikipedia.org/wiki/Wikipedia:Wikipedia_is_not_a_reliable_source
-mel
On Feb 1, 2021, at 3:32 PM, Bill Woodcock <woody@pch.net> wrote:
Are all y’all allergic to Wikipedia or something?
https://en.wikipedia.org/wiki/Public_recursive_name_server
-Bill
Curious! (wikipedia random page look):
Comodo -> 8.26.56.26 && 8.20.247.20
as-path for those both:
174 23393 23393 16589
6762 3257 23393 23393 16589
$ whois AS16589
No match found for a 16589.
(https://bgp.he.net/AS16589#_whois)
So, sending your DNS queries into what sure looks like hijacked ip space and asn ... seems bad.
On Mon, Feb 1, 2021 at 8:14 PM Mel Beckman <mel@beckman.org> wrote:
Oh, Bill. If you’d use Wikipedia to check out Wikipedia, you’d be allergic too! :)
https://en.wikipedia.org/wiki/Wikipedia:Wikipedia_is_not_a_reliable_source
-mel
On Feb 1, 2021, at 3:32 PM, Bill Woodcock <woody@pch.net> wrote:
Are all y’all allergic to Wikipedia or something?
https://en.wikipedia.org/wiki/Public_recursive_name_server
-Bill
$ whois AS16589
No match found for a 16589.
* lists@benappy.com (Michel 'ic' Luczak) [Tue 02 Feb 2021, 14:48 CET]:
whois -r AS16589 # perhaps?
aut-num: AS16589
as-name: ELV-ANYCAST-NET
You skipped the most important line:
source: RIPE-NONAUTH
In other words, this object dates back to the times when anybody could throw almost anything into RIPE's IRRdb. In other words, it's not authoritative and its presence doesn't mean anything.
It's probably legit, the data is old but somewhat consistent. Comodo should probably try to clean up the RIR administration surrounding this ASN, though.
-- Niels.
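The `source:` check Niels describes can be applied mechanically to saved whois output. The following is an added example, not code from anyone in the thread: it parses whois/RPSL text and reports `aut-num` objects whose source is `RIPE-NONAUTH`. The sample text is constructed from the attribute lines quoted above plus a made-up AS64496 object for contrast.

```python
# Added example. SAMPLE_WHOIS is constructed: the AS16589 attribute lines are the
# ones quoted in the thread; AS64496 (a documentation ASN) is made up for contrast.
NON_AUTH_SOURCES = {"RIPE-NONAUTH"}

SAMPLE_WHOIS = """\
% constructed sample, not real registry output
aut-num:        AS16589
as-name:        ELV-ANYCAST-NET
source:         RIPE-NONAUTH

aut-num:        AS64496
as-name:        EXAMPLE-NET
source:         RIPE # Filtered
"""

def parse_rpsl(text):
    """Split whois/RPSL text into objects, each a list of (attribute, value)."""
    objects, current = [], []
    for line in text.splitlines():
        if line.startswith(("%", "#")):        # server remarks
            continue
        if not line.strip():                   # blank line closes an object
            if current:
                objects.append(current)
            current = []
        elif line[0] in " \t+" and current:    # continuation of previous value
            attr, value = current[-1]
            current[-1] = (attr, f"{value} {line[1:].strip()}".strip())
        else:
            attr, sep, value = line.partition(":")
            if sep:
                current.append((attr.strip().lower(), value.strip()))
    if current:
        objects.append(current)
    return objects

def aut_num_sources(text):
    """Map each aut-num to its source attribute (None if the object has none)."""
    result = {}
    for obj in parse_rpsl(text):
        if obj[0][0] != "aut-num":
            continue
        source = (dict(obj).get("source") or "").split("#")[0].strip().upper()
        result[obj[0][1].upper()] = source or None   # "# Filtered" suffix dropped
    return result

def nonauth_asns(text):
    """ASNs whose aut-num object carries a non-authoritative source."""
    return sorted(a for a, s in aut_num_sources(text).items() if s in NON_AUTH_SOURCES)
```
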
----- Original Message -----
From: "Bill Woodcock" <woody@pch.net>
Are all y’all allergic to Wikipedia or something?
Lots of people seem to be... :-}
I find it interesting that that article mentions alt-roots, but doesn't have a column for that, nor any actual mention of such resolvers...
Cheers,
-- jra
--
Jay R. Ashworth          Baylink                      jra@baylink.com
Designer                 The Things I Think           RFC 2100
Ashworth & Associates    http://www.bcp38.info        2000 Land Rover DII
St Petersburg FL USA     BCP38: Ask For It By Name!   +1 727 647 1274
participants (12)
- Bill Woodcock
- Chris Boyd
- Christopher Morrow
- Hugo Salgado
- Jay R. Ashworth
- Kevin McCormick
- Mel Beckman
- Michel 'ic' Luczak
- Nick Hilliard
- niels=nanog@bakker.net
- Randy Bush
- Spencer Coplin