DNS query repetition ( was DNS Hardening )

In an earlier thread, Jon Levine asked

Other than DNSSEC, I'm aware of these relatively simple hacks to add
entropy to DNS queries.

1) Random query ID

2) Random source port

3) Random case in queries, e.g. GooGLe.CoM

4) Ask twice (with different values for the first three hacks) and compare
the answers

I presume everyone is doing the first two. Any experience with the other
two to report?

I have implemented a (public domain) DNS cache "GbDns" that implements both
3 and 4 ( and also DnsCurve ).

For non-deterministic authorities, such as Akamai, more than 2 queries are
needed, and some relatively complex code.

It turns out to be completely practical, albeit leading to an increase in
the number of packets.

Source code and a link to an IETF draft that describes the method are at


George Barwood

( New subscriber, hence the new thread )
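The following is an added example (not code from the post, from GbDns, or from the IETF draft it mentions) that shows hacks 1, 3 and 4 from the quoted list on hand-built DNS wire-format packets: a query with a random transaction ID and random 0x20 case in the name, a reply parser that only accepts a response echoing that exact case, and an "ask twice and compare" wrapper. `fake_server` is a constructed stand-in for an authoritative server (with a mode that behaves like a forger who guessed the ID but not the case); the names and 192.0.2.x addresses are sample values. Hack 2, the random source port, is a property of the socket the query is sent from and is not modelled here.

```python
"""Added example: 0x20 case randomization plus ask-twice comparison for DNS queries."""
import random
import struct

RNG = random.SystemRandom()   # OS CSPRNG; predictable IDs/case would defeat the purpose


def randomize_case(name: str, rng=RNG) -> str:
    """Hack 3 (0x20 encoding): choose a random case for every letter of the name."""
    return "".join(c.upper() if rng.getrandbits(1) else c.lower() for c in name)


def encode_name(name: str) -> bytes:
    """Wire-format name: length-prefixed labels, terminated by a zero byte (case preserved)."""
    labels = name.strip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"


def decode_name(pkt: bytes, off: int) -> tuple[str, int]:
    """Read a name at `off`, following compression pointers; returns (name, offset after name)."""
    labels, jumped, end = [], False, 0
    while True:
        length = pkt[off]
        if length & 0xC0 == 0xC0:                     # compression pointer
            if not jumped:
                end = off + 2
            off = ((length & 0x3F) << 8) | pkt[off + 1]
            jumped = True
            continue
        if length == 0:
            if not jumped:
                end = off + 1
            return ".".join(labels), end
        labels.append(pkt[off + 1:off + 1 + length].decode("ascii"))
        off += 1 + length


def build_query(qname: str, qtype: int = 1, rng=RNG) -> tuple[bytes, int, str]:
    """Return (packet, transaction id, cased name); the caller keeps the last two to check the reply."""
    qid = rng.getrandbits(16)                         # hack 1: random query ID
    cased = randomize_case(qname, rng)                # hack 3: random case
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)   # RD set, one question
    return header + encode_name(cased) + struct.pack("!HH", qtype, 1), qid, cased


def parse_response(pkt: bytes, expected_id: int, expected_qname: str) -> set[tuple[int, bytes]]:
    """Accept the reply only if ID and the byte-exact question name match; return {(type, rdata)}."""
    qid, flags, _qd, an, _ns, _ar = struct.unpack_from("!HHHHHH", pkt, 0)
    if qid != expected_id:
        raise ValueError("transaction ID mismatch")
    if not flags & 0x8000:
        raise ValueError("not a response")
    name, off = decode_name(pkt, 12)
    off += 4                                          # skip QTYPE/QCLASS
    # A forger that does not know the random case cannot echo the name byte-for-byte.
    if name != expected_qname:
        raise ValueError(f"question name case mismatch: {name!r} != {expected_qname!r}")
    answers = set()
    for _ in range(an):
        _owner, off = decode_name(pkt, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack_from("!HHIH", pkt, off)
        off += 10
        answers.add((rtype, pkt[off:off + rdlen]))
        off += rdlen
    return answers


def resolve_twice(qname: str, send) -> set[tuple[int, bytes]]:
    """Hack 4: send two independently randomized queries and accept only agreeing answers.
    `send` takes a query packet and returns the raw reply (a UDP socket round trip in real use)."""
    results = []
    for _ in range(2):
        pkt, qid, cased = build_query(qname)
        results.append(parse_response(send(pkt), qid, cased))
    if results[0] != results[1]:
        raise ValueError("answers disagree: possible spoofing or a non-deterministic authority")
    return results[0]


def fake_server(addresses, echo_case=True):
    """Constructed stand-in for an authority returning A records. echo_case=False models a
    forger that guessed the ID but not the case and so echoes the name lowercased."""
    def respond(query: bytes) -> bytes:
        qid = struct.unpack_from("!H", query, 0)[0]
        name, off = decode_name(query, 12)
        qtype, qclass = struct.unpack_from("!HH", query, off)
        echoed = name if echo_case else name.lower()
        header = struct.pack("!HHHHHH", qid, 0x8180, 1, len(addresses), 0, 0)
        question = encode_name(echoed) + struct.pack("!HH", qtype, qclass)
        answers = b"".join(b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4)
                           + bytes(int(o) for o in a.split(".")) for a in addresses)
        return header + question + answers
    return respond


if __name__ == "__main__":
    print(resolve_twice("example.com", fake_server(["192.0.2.1", "192.0.2.2"])))
```

Note that an honest reply and a forged one are told apart purely by the question section echo, so a resolver must keep the exact cased name it sent for every outstanding query; and, as the post says, an authority that rotates answers between queries will trip the ask-twice comparison and needs more than two queries to reconcile.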