[{"author": "George Michaelson", "text": "


", "time": "2023-11-08T08:32:52Z"}, {"author": "Alan Frindell", "text": "

We find GSO makes a difference in QUIC perf

", "time": "2023-11-08T08:59:59Z"}, {"author": "Madhan Kanagarathinam", "text": "

Interesting presentation !!

", "time": "2023-11-08T09:01:42Z"}, {"author": "Vidhi Goel", "text": "

@constantin: L4S and ECN is very important for us at Apple. If you could do some client testing using apple devices and give us your analysis, I would really appreciate it.

", "time": "2023-11-08T09:15:59Z"}, {"author": "Constantin Sander", "text": "

@vidhi: Sure, I am just currently unable to use the dm function, I will ping you an email, if that's okay?

", "time": "2023-11-08T09:30:12Z"}, {"author": "Jason Livingood", "text": "

100% agree with Lorenzo: would be good to name the networks contributing to this DNS issue and reach out to them to understand & correct it. 600,000 is not a huge number - probably just fixing it in a small number of providers will resolve it.

", "time": "2023-11-08T09:30:57Z"}, {"author": "Matthias W\u00e4hlisch", "text": "

the networks are listed here https://odns.secnow.net/data. and yes, we tried (and still try) to reach out to them. some listen, some don't ;).

", "time": "2023-11-08T09:33:10Z"}, {"author": "Jason Livingood", "text": "

Thx Matthias!

", "time": "2023-11-08T09:34:30Z"}, {"author": "Jason Livingood", "text": "

On measuring for DNS resolvers - yes most networks are not running open resolvers (to prevent abuse). Authors may consider using RIPE Atlas probes for this purpose.

", "time": "2023-11-08T09:36:08Z"}, {"author": "Shane Kerr", "text": "

So... never trust a resolver? :big_smile:

", "time": "2023-11-08T09:38:39Z"}, {"author": "Matthias W\u00e4hlisch", "text": "

problem with RIPE Atlas: to measure the transparent forwarder part of the ODNS, we need to keep states on the measurement probe (i.e. Atlas probe). we would need to introduce a new measurement method to Atlas.

", "time": "2023-11-08T09:38:48Z"}, {"author": "Jerry Lundstr\u00f6m", "text": "

How many of these \"open resolvers\" are honeypots?

", "time": "2023-11-08T09:38:52Z"}, {"author": "Jerry Lundstr\u00f6m", "text": "

I wouldn't be surprise if there are 5M honeypots out there now days

", "time": "2023-11-08T09:39:52Z"}, {"author": "Matthias W\u00e4hlisch", "text": "

Regarding Lorenzo's other comment: there are stub resolvers that accept replies triggered by transparent forwarders, but we didn't measure this in detail. we focused on the transparent forwarders.

", "time": "2023-11-08T09:40:12Z"}, {"author": "Matthias W\u00e4hlisch", "text": "

based on the our discussion with operators and fingerprinting scans, the transparent forwarders are not primarily honeypots.

", "time": "2023-11-08T09:41:00Z"}, {"author": "Matthias W\u00e4hlisch", "text": "

they are CPE devices (DSL gateways...) or (smaller) routers.

", "time": "2023-11-08T09:41:20Z"}, {"author": "Jerry Lundstr\u00f6m", "text": "

my comments was regarding the presentation now

", "time": "2023-11-08T09:41:38Z"}, {"author": "Matthias W\u00e4hlisch", "text": "

oh sorry ;)

", "time": "2023-11-08T09:41:48Z"}, {"author": "Jerry Lundstr\u00f6m", "text": "

of course forwarders are not honeypots :)

", "time": "2023-11-08T09:41:53Z"}, {"author": "Matthias W\u00e4hlisch", "text": "

Maynard's comment: if you do proper sanitizing, the number of resolvers reduces.

", "time": "2023-11-08T09:44:25Z"}, {"author": "Jason Livingood", "text": "

Back on the ECN presentation a bit ago for the notes here. The slide said a single tier 1 ISP impacts 98.6% of domains. That operator is Arelion and a few of us are in touch with them to try to fix it. They are very responsive and focused on resolving it. Great collaboration.

", "time": "2023-11-08T09:46:07Z"}, {"author": "Mirja K\u00fchlewind", "text": "

Thanks Jason that's good news

", "time": "2023-11-08T09:46:43Z"}, {"author": "Ryo Yanagida", "text": "

slide's contrast is a bit too low to see onsite...

", "time": "2023-11-08T09:48:46Z"}, {"author": "Sudheesh Singanamalla", "text": "

Thanks Jason, Yes, I agree with you that RIPE Atlas probes might be a potential way for us to go, and like Geoff mentioned maybe comparing our results with well known resolver IP addresses which have clients behind them might also help. Thanks for the feedback

", "time": "2023-11-08T09:49:36Z"}, {"author": "Momoka Yamamoto", "text": "

Hosts favour IPv6 thanks to Default Address Selection for IPv6

", "time": "2023-11-08T10:02:51Z"}, {"author": "Benno Overeinder", "text": "

Sudheesh, I was triggered by the lifetime distribution of open solvers. Assuming that 50% of open solvers have a two-day lifespan (slide 13), there must be a huge influx of new open solvers installed and misconfigured. As far as I know, the open source resolvers (the source files) are distributed with secure default options. It might be interesting to investigate further what exactly is going on. The almost 10 million open solvers of which 90+% come and go seems very high and we have to look at how we can prevent that.

", "time": "2023-11-08T10:15:36Z"}, {"author": "Maxime Piraux", "text": "

Momoka Yamamoto said:


Hosts favour IPv6 thanks to Default Address Selection for IPv6


Thanks for clarifying this to me. I was under the impression that only HE was responsible for setting this priority, but I missed section 10.3 of RFC6724 which also recommends it.

", "time": "2023-11-08T10:25:18Z"}]