lcsig/BGP-ASN-DNS

BGP-ASN-DNS

This repository collects and summarizes some networking resources.

DNS & IPs

Important Resources

| Resource | Link |
| --- | --- |
| Root Servers Map | https://root-servers.org/ |
| Root Servers List | https://www.iana.org/domains/root/servers |
| List of All TLD Domains | https://www.iana.org/domains/root/db |
| TLDs (plain text) | https://data.iana.org/TLD/tlds-alpha-by-domain.txt |
| IPv4 Multicast Address Space Registry | https://www.iana.org/assignments/multicast-addresses/multicast-addresses.xhtml |
| IPv4 Special-Purpose Address Registry | https://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml |
| Autonomous System (AS) Numbers & Registrar | https://www.iana.org/assignments/as-numbers/as-numbers.xhtml |
| Special-Purpose Autonomous System (AS) Numbers | https://www.iana.org/assignments/iana-as-numbers-special-registry/iana-as-numbers-special-registry.xhtml |
| A root server metrics | https://a.root-servers.org/metrics |

Root Servers

Dig Command

  • dig +trace google.com

  • dig +norecurse google.com

  • dig google.com @a.root-servers.net

  • dig +all +answer +multiline google.com any

  • dig google.com any

  • dig @ns.example.com -tAXFR example.com

  • dig -t <NS,A,AAAA,TXT> @8.8.8.8 google.com

  • Enumerate all common record types for a domain (ANY queries are largely deprecated per RFC 8482, so loop instead):

    for t in A AAAA NS MX TXT SOA CNAME SRV CAA PTR DNSKEY DS NSEC NSEC3 TLSA SSHFP NAPTR; do
      dig +noall +answer +nocmd example.com $t
    done
  • DNS Flags:

Useful Websites

| Tool | Purpose | Link |
| --- | --- | --- |
| whatsmydns | Global DNS propagation checker | https://www.whatsmydns.net/#A/google.com |
| DNSViz | DNSSEC chain-of-trust visualizer | https://dnsviz.net/ |
| Zonemaster | Full zone health check | https://zonemaster.net/ |
| intoDNS | Quick zone diagnostics | https://intodns.com/ |
| DNS Checker | Global propagation checker | https://dnschecker.org/ |
| Root zone file | Full authoritative root zone | https://www.internic.net/domain/root.zone |
| ICANN CZDS | Download TLD zone files | https://czds.icann.org/ |
| Farsight DNSDB | Passive DNS history | https://www.farsightsecurity.com/solutions/dnsdb/ |

Public Resolvers

| Provider | IPv4 | Notes |
| --- | --- | --- |
| Cloudflare | 1.1.1.1, 1.0.0.1 | DoH: https://cloudflare-dns.com/dns-query |
| Google | 8.8.8.8, 8.8.4.4 | |
| Quad9 | 9.9.9.9 | Blocks malicious domains |
| AdGuard | 94.140.14.14 | Blocks ads |
| DNS0.eu | 193.110.81.0 | EU-based, privacy-focused |

Modern Dig Alternatives

| Tool | Notes | Link |
| --- | --- | --- |
| drill | Part of ldns, dig replacement | |
| kdig | Knot DNS, supports DoH/DoT/DoQ | |
| dog | Colorful modern CLI | https://github.com/ogham/dog |
| doggo | Go-based, JSON output | https://github.com/mr-karan/doggo |

ASN

Important Resources

| Resource | Purpose | Link |
| --- | --- | --- |
| Hurricane Electric BGP | ASN info, graph, connected ASNs, prefixes | https://bgp.he.net/AS8697 |
| bgp.tools | Cleaner UI, leak/hijack detection | https://bgp.tools/ |
| PeeringDB | Interconnection & facility database | https://www.peeringdb.com/ |
| nitefood/asn | CLI tool for ASN/IP/BGP lookups | https://github.com/nitefood/asn |

Team Cymru IP-to-ASN whois (one-shot CLI):

whois -h whois.cymru.com " -v 8.8.8.8"

BGP & BGPlay

RIPE API

Full documentation can be found at https://stat.ripe.net/docs/02.data-api/ (Very Interesting!)

  • Get Country ASN List
    https://stat.ripe.net/data/country-asns/data.json?resource=jo&lod=1
  • Get IP/Domain Info for DNS/IP
    curl --location --request GET "https://stat.ripe.net/data/dns-chain/data.json?resource=94.249.58.131"

FB Goes Down!

You can observe how FB went down on October 4, 2021 at 15:00 by looking up their NS servers, finding the ASN behind them, and entering that ASN into RIPE BGPlay.

BGPlay

Live BGP Data Sources

| Source | Purpose | Link |
| --- | --- | --- |
| RIPE RIS Live | Real-time BGP updates via WebSocket | https://ris-live.ripe.net/ |
| RouteViews | Historical MRT archive | http://routeviews.org/ |
| CAIDA BGPStream | Programmatic BGP analysis (Py/C) | https://bgpstream.caida.org/ |
| Cloudflare Radar | Traffic, routing, outages | https://radar.cloudflare.com/ |
| IODA | Internet outage detection | https://ioda.inetintel.cc.gatech.edu/ |
| GRIP | BGP hijack alert feed | https://grip.inetintel.cc.gatech.edu/ |

RPKI (Route Origin Validation)

| Resource | Purpose | Link |
| --- | --- | --- |
| Cloudflare RPKI portal | Status & diagnostics | https://rpki.cloudflare.com/ |
| isBGPSafeYet | RPKI deployment tracker | https://isbgpsafeyet.com/ |
| Routinator | NLnet Labs RPKI validator | https://routinator.docs.nlnetlabs.nl/ |
| Krill | NLnet Labs RPKI CA | https://krill.docs.nlnetlabs.nl/ |

Famous BGP Incidents

| Year | Incident | What happened |
| --- | --- | --- |
| 1997 | AS7007 leak | First global BGP meltdown: AS7007 re-advertised full table as /24s |
| 2008 | YouTube hijack | Pakistan Telecom /24 more-specific leaked worldwide |
| 2018 | Google via China Telecom | Google traffic rerouted through China Telecom |
| 2018 | MainOne leak | Leaked Google prefixes via China Telecom |
| 2020 | Rostelecom leak | 8800+ prefixes leaked in April 2020 |
| 2021 | Facebook outage | Oct 4: BGP withdrawal took FB/IG/WA offline (see BGPlay above) |
| 2022 | KlaySwap hijack | Feb: DNS + BGP attack, crypto theft |
| 2022 | Twitter via RTCOMM | March: BGP leak by Rostelecom subsidiary |

Measurement & Labs

| Tool | Purpose | Link |
| --- | --- | --- |
| RIPE Atlas | Global probe network + measurement API | https://atlas.ripe.net/ |
| M-Lab | Speed/latency measurement data | https://www.measurementlab.net/ |
| Containerlab | BGP labs with FRR/BIRD/SR Linux | https://containerlab.dev/ |
| mtr | Traceroute + ping combined | |
| scamper | Active Internet measurement (CAIDA) | https://www.caida.org/catalog/software/scamper/ |
