14 Apr

EDNS support by Google's Public DNS

Just was looking around at EDNS support by Google. To find how it supports and how packet looks like I created a test NS records for dnstest.anuragbhatia.com pointing to one of test server (178.238.225.247). I wasn’t running any DNS server on the server. Just ran quick tcpdump.
 
At server end:

sudo tcpdump ‘port 53 and dst 178.238.225.247’ -nn -vvv -w sample.pcap

 
Then I forcefully triggered DNS queries via Google’s recursor using:

dig @8.8.8.8 dnstest.anuragbhatia.com

 
At server end dump was captured. In wireshark came across the packet:
Packet dump > DNS Query > Addition records > <Root> Type OPT > Option C Subnet – Client Subnet this shows client subnet of BSNL from which I queried. 🙂
EDNS
 
This is a very important project pushed by Google, OpenDNS etc to help CDNs (which are based on DNS resolution) perform optimally when end users use non-ISP based recursors. You can read more about project here.

02 Apr

Using bgpq3 for automated filter generation

Came across excellent tool called “bgpq3” from one of recent posts in NANOG mailing list. This tool can general filters for a given ASN for Cisco or Juniper based on RADB’s data.
 
E.g Juniper style config for AS54456 (1st ASN on which I worked on!) 🙂

anurag@server7:~$ bgpq3 -Jl Cloudaccess as54456
policy-options {
replace:
prefix-list Cloudaccess {
199.116.76.0/24;
199.116.77.0/24;
199.116.78.0/24;
199.116.79.0/24;
}
}
anurag@server7:~$

 
 
 
Cisco style config:

anurag@server7:~$ bgpq3 -l Cloudaccess as54456
no ip prefix-list Cloudaccess
ip prefix-list Cloudaccess permit 199.116.76.0/24
ip prefix-list Cloudaccess permit 199.116.77.0/24
ip prefix-list Cloudaccess permit 199.116.78.0/24
ip prefix-list Cloudaccess permit 199.116.79.0/24
anurag@server7:~$

 
 
Cisco XR style config:

anurag@server7:~$ bgpq3 -Xl Cloudaccess as54456
no prefix-set Cloudaccess
prefix-set Cloudaccess
199.116.76.0/24,
199.116.77.0/24,
199.116.78.0/24,
199.116.79.0/24
end-set
anurag@server7:~$

 
 
One can easily automate filter generation using such option for downstreams. Have a good long weekend ahead!