Maintained by: NLnet Labs

[Unbound-users] libUnbound for Chromium?

Leen Besselink
Fri Mar 16 00:00:49 CET 2012


On Thu, Mar 15, 2012 at 02:38:52PM -0400, Mark Deneen wrote:
> On Thu, Mar 15, 2012 at 2:33 PM, Jan-Piet Mens <jpmens.dns at gmail.com> wrote:
> >> > > decided that due to the level of tinkering we want to do in DNS, we
> >>                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> >>
> >> Now, that's a scary phrase. . .
> >
> > Indeed. Catch a glimpse by launching Chrome and going to
> > chrome://net-internals to get a preview of the tinkering...
> >
> 
> Nothing in the DNS section there looks that scary to me. (linux)

If you take tcpdump, you'll see it does this at startup and those 'random'-hostnames will remain to be queried (probably to
check if a dns resolver is still responding ?):

31418+ AAAA? www.google.com. (32)
31418 1/1/0 CNAME www.l.google.com. (102)
37251+ A? www.google.com. (32)
37251 7/0/0 CNAME www.l.google.com., A 173.194.65.99, A 173.194.65.104, A 173.194.65.105, A 173.194.65.147, A 173.194.65.103, A 173.194.65.106 (148)
32165+ AAAA? www.google.com. (32)
32165 1/1/0 CNAME www.l.google.com. (102)
48491+ A? www.google.com. (32)
48491 7/0/0 CNAME www.l.google.com., A 173.194.65.99, A 173.194.65.104, A 173.194.65.105, A 173.194.65.147, A 173.194.65.103, A 173.194.65.106 (148)
16721+ AAAA? ocsp.thawte.com. (33)
16721 1/0/0 CNAME ocsp.verisign.net. (64)
8453+ A? ocsp.thawte.com. (33)
8453 2/0/0 CNAME ocsp.verisign.net., A 199.7.50.72 (80)
3544+ AAAA? ocsp.thawte.com. (33)
3544 1/0/0 CNAME ocsp.verisign.net. (64)
44288+ A? ocsp.thawte.com. (33)
44288 2/0/0 CNAME ocsp.verisign.net., A 199.7.50.72 (80)
11659+ AAAA? hddbusubir.local. (34)
23847+ AAAA? egyfizszvs.local. (34)
30060+ AAAA? ibtrlsfjai.local. (34)
11659 NXDomain* 0/0/0 (34)
23847 NXDomain* 0/0/0 (34)
30060 NXDomain* 0/0/0 (34)
7555+ AAAA? egyfizszvs. (28)
47511+ AAAA? hddbusubir. (28)
2986+ AAAA? ibtrlsfjai. (28)
2986 NXDomain 0/1/0 (103)
35652+ A? ibtrlsfjai.local. (34)
35652 NXDomain* 0/0/0 (34)
38741+ A? ibtrlsfjai. (28)
38741 NXDomain 0/1/0 (103)
47511 NXDomain 0/1/0 (103)
22881+ A? hddbusubir.local. (34)
22881 NXDomain* 0/0/0 (34)
25885+ A? hddbusubir. (28)
7555 NXDomain 0/1/0 (103)
2367+ A? egyfizszvs.local. (34)
2367 NXDomain* 0/0/0 (34)
65531+ A? egyfizszvs. (28)
25885 NXDomain 0/1/0 (103)
65531 NXDomain 0/1/0 (103)
8985+ AAAA? ssl.gstatic.com. (33)
8985 0/1/0 (90)
58195+ AAAA? ssl.gstatic.com.local. (39)
58195 NXDomain* 0/0/0 (39)
53127+ A? ssl.gstatic.com. (33)
53127 1/0/0 A 173.194.65.120 (49)
48118+ AAAA? crl.geotrust.com. (34)
48118 1/1/0 CNAME crl.verisign.net. (133)
31523+ A? crl.geotrust.com. (34)
31523 2/0/0 CNAME crl.verisign.net., A 199.7.59.190 (80)
23360+ AAAA? www.gstatic.com. (33)
23360 0/1/0 (90) 
1956+ AAAA? www.gstatic.com.local. (39)
1956 NXDomain* 0/0/0 (39)
18311+ A? www.gstatic.com. (33)
18311 1/0/0 A 173.194.65.120 (49)

So that is what it does already, this was with only an about:blank page.

The tinkering they want to do is mostly the timing I presume.