Re: broken DNS proxying at public wireless hotspots

From: william(at)elan.net ("william)
Date: Sat Feb 03 2007 - 01:34:20 EST

  • Next message: Fergie: "Re: broken DNS proxying at public wireless hotspots"

    On Sat, 3 Feb 2007, Fergie wrote:

    > -----BEGIN PGP SIGNED MESSAGE-----
    > Hash: SHA1
    >
    > Use OpenDNS?
    >
    > - - ferg

    How can that make a difference when he already said that setting NS in
    "resolv.conf" does not help.

    BTW - personally if name resolution at hotspot is not working (and
    sometimes even if it is) I connect by ssh to my "home system" using
    its public ip address and then tunnel X11 and call broswer and other
    programs there.

    > - -- "Suresh Ramasubramanian" <> wrote:
    >
    > Right now, I'm on a swisscom eurospot wifi connection at Paris
    > airport, and this - yet again - has a DNS proxy setup so that the
    > first few queries for a host will return some nonsense value like
    > 1.2.3.4, or will return the records for com instead. Some 4 or 5
    > minutes later, the dns server might actually return the right dns
    > record.
    >
    > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25634
    > ;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 11
    > ;; QUESTION SECTION:
    > ;www.kcircle.com. IN A
    > ;; AUTHORITY SECTION:
    > com. 172573 IN NS j.gtld-servers.net.
    > com. 172573 IN NS k.gtld-servers.net.
    >
    > [etc]
    > ;; Query time: 1032 msec
    > ;; SERVER: 192.168.48.1#53(192.168.48.1)
    > ;; WHEN: Sat Feb 3 11:33:07 2007
    > ;; MSG SIZE rcvd: 433
    >
    > They're not the first provider I've seen doing this, and the obvious
    > workarounds (setting another NS in resolv.conf, or running a local dns
    > caching resolver) dont work either as all dns traffic is proxied.
    > Sure I could route dns queries out through a ssh tunnel but the
    > latency makes this kind of thing unusable at times. I'm then reduced
    > to hardwiring some critical work server IPs into /etc/hosts
    >
    > What do nanogers usually do when caught in a situation like this?
    >
    > thanks
    > srs
    >
    > - --
    > Suresh Ramasubramanian ()
    >
    > -----BEGIN PGP SIGNATURE-----
    > Version: PGP Desktop 9.5.3 (Build 5003)
    >
    > wj8DBQFFxCmJq1pz9mNUZTMRAhCBAKCpmCoKnQ09hCF+uwAfnF/Ht5VQ8wCfXykH
    > ATEHEAwCnErNlgbZHYAmF+M=
    > =V8Zf
    > -----END PGP SIGNATURE-----

  • Next message: Fergie: "Re: broken DNS proxying at public wireless hotspots"





    Hosted Email Solutions

    Invaluement Anti-Spam DNSBLs



    		Powered By FreeBSD   Powered By FreeBSD