What is the IANA Blackhole server?

WoundedWallet

Platinum Member
Oct 9, 1999
2,325
0
0
At first I noticed that I got a weird IP number while configuring my nic.

Ethernet adapter Local Area Connection 2:

Connection-specific DNS Suffix . :
Autoconfiguration IP Address. . . : 169.254.115.1139 (that's not even close to my fixed IP)
Subnet Mask . . . . . . . . . . . : 255.255.0.0
Default Gateway . . . . . . . . . :


I checked the IP and it belonged to IANA.

Now my server is trying to contact one of IANA's blackhole.isi.edu machine.(129.9.64.26) for their domain(53) service.

Is this a regular thing that is only happening now because my router's dns server is better configured than my own dns server?

Or is it that my router uses that IP for DNS regardless that I picked another one?

Or do I have something wrong going on?

Thanks.
 

goldboyd

Golden Member
Oct 12, 1999
1,932
0
0
when windows can't successfully get an ip address via dhcp, it will just use an ip in the 169.254 class b.

the theory behind this is when a networks dhcp server goes down, all the machines will be able to communicate because they'll all get an ip address in the same subnet, not sure if thats true, just what i've heard.
 

WoundedWallet

Platinum Member
Oct 9, 1999
2,325
0
0
thanks goldboyd, it makes some sense.

So it's probabaly true too that my router has the other address as the default DNS server. Anybody else can confirm that as well?
 

skriefal

Golden Member
Apr 10, 2000
1,418
3
81
Check out this Microsoft KB article.

Basically, blackhole.isi.edu is set up in the DNS heirarchy as the primary (Default) DNS server for nonroutable IP subnets, such as 10.x.x.x., 192.168.x.x, etc. Packets marked as originating from these addresses are never supposed to reach the Internet "at large", and thus there's no need for a real DNS server for those addresses. Thus the existence of the fake, "blackhole" DNS server.
 

spidey07

No Lifer
Aug 4, 2000
65,469
5
76
True about the blackhole addresses not "supposed" to reach the internet. This is a generally accepted practice of dropping these source addresses (and destination) at the access points. But lots of small ISPs don't follow the best practices bible (DAMN YOU TO HELL!) and you'll still get packets with these source addresses floating around.
 

WoundedWallet

Platinum Member
Oct 9, 1999
2,325
0
0
Ok, I guess it will be ok for to stop them from leaving my computer then. After all I don't want to end up in hell because of that :)