nanog mailing list archives
RE: broken DNS proxying at public wireless hotspots
From: "John van Oppen" <john () vanoppen com>
Date: Sat, 3 Feb 2007 10:42:57 -0800
My experience with swisscom's "eurospot" hotspots ended up involving my tunneling everything over my VPN. John -----Original Message----- From: owner-nanog () merit edu [mailto:owner-nanog () merit edu] On Behalf Of Suresh Ramasubramanian Sent: Friday, February 02, 2007 10:08 PM To: nanog list Subject: broken DNS proxying at public wireless hotspots Right now, I'm on a swisscom eurospot wifi connection at Paris airport, and this - yet again - has a DNS proxy setup so that the first few queries for a host will return some nonsense value like 1.2.3.4, or will return the records for com instead. Some 4 or 5 minutes later, the dns server might actually return the right dns record. ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25634 ;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 11 ;; QUESTION SECTION: ;www.kcircle.com. IN A ;; AUTHORITY SECTION: com. 172573 IN NS j.gtld-servers.net. com. 172573 IN NS k.gtld-servers.net. [etc] ;; Query time: 1032 msec ;; SERVER: 192.168.48.1#53(192.168.48.1) ;; WHEN: Sat Feb 3 11:33:07 2007 ;; MSG SIZE rcvd: 433 They're not the first provider I've seen doing this, and the obvious workarounds (setting another NS in resolv.conf, or running a local dns caching resolver) dont work either as all dns traffic is proxied. Sure I could route dns queries out through a ssh tunnel but the latency makes this kind of thing unusable at times. I'm then reduced to hardwiring some critical work server IPs into /etc/hosts What do nanogers usually do when caught in a situation like this? thanks srs -- Suresh Ramasubramanian (ops.lists () gmail com)
Current thread:
- Re: broken DNS proxying at public wireless hotspots, (continued)
- Re: broken DNS proxying at public wireless hotspots Peter Dambier (Feb 03)
- Re: broken DNS proxying at public wireless hotspots Carl Karsten (Feb 03)
- Re: broken DNS proxying at public wireless hotspots Steven M. Bellovin (Feb 03)
- Message not available
- Re: broken DNS proxying at public wireless hotspots Peter J. Cherny (Feb 03)
- Re: broken DNS proxying at public wireless hotspots Mark Foster (Feb 04)
- Re: broken DNS proxying at public wireless hotspots Peter J. Cherny (Feb 03)
- Re: broken DNS proxying at public wireless hotspots Fergie (Feb 02)
- Re: broken DNS proxying at public wireless hotspots Joe Abley (Feb 02)
- Re: broken DNS proxying at public wireless hotspots william(at)elan.net (Feb 02)
- Re: broken DNS proxying at public wireless hotspots Chris L. Morrow (Feb 02)
- Re: broken DNS proxying at public wireless hotspots Fergie (Feb 02)
- RE: broken DNS proxying at public wireless hotspots John van Oppen (Feb 03)
- RE: broken DNS proxying at public wireless hotspots Lasher, Donn (Feb 03)
- Re: broken DNS proxying at public wireless hotspots Trent Lloyd (Feb 03)
- Re: broken DNS proxying at public wireless hotspots Joe Abley (Feb 03)
- Re: broken DNS proxying at public wireless hotspots Trent Lloyd (Feb 03)
- Re: broken DNS proxying at public wireless hotspots Roy (Feb 03)
- Re: broken DNS proxying at public wireless hotspots Chris Adams (Feb 04)
- Re: broken DNS proxying at public wireless hotspots Chris Adams (Feb 04)
- Re: broken DNS proxying at public wireless hotspots Trent Lloyd (Feb 03)