[106285] in North American Network Operators' Group
Re: Federal Government Interest in your patch progress
daemon@ATHENA.MIT.EDU (Sean Donelan)
Fri Jul 25 13:32:22 2008
Date: Fri, 25 Jul 2008 13:32:07 -0400 (EDT)
From: Sean Donelan <sean@donelan.com>
To: Jared Mauch <jared@puck.nether.net>
In-Reply-To: <20080725152709.GD45292@puck.nether.net>
Cc: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
On Fri, 25 Jul 2008, Jared Mauch wrote:
> They wanted someone to apporach those NANOG guys to see if they'll get
> off their butts and upgrade. Personally, I share some of their frustration
> in getting the reasonable people to upgrade their software, knowing that
> the unreasonable folks won't. The question is how can we as an interdependent
> industry close the gaps of the "Bubba" SPs and their software upgrade
> policies?
>
> That being said, is there anyone keeping metrics of what upgrades have been
> done so far?
Unfortunately, several of the public "testing" sites have been generating
false-positives. The ISPs have updated their DNS servers, some several
weeks ago, but the testing site gets confused. Several DNS "security
experts" (i.e. anyone with a blog) have also been confused about which
ISPs manage which DNS servers versus other DNS servers on a network.
Lots of phone calls to the wrong service providers complaining about
the wrong things.
Some folks who handle lookups for lots of domains have some data, but
without knowing which DNS servers are "official" ISP recursive servers and
which DNS servers are just random recursive resolvers owned by end-users,
breaking down the data by ISP is a bit of a challange.
If you just want data about overall DNS upgrade activity, not broken down
by "official" or "unofficial" servers, that could be easier to collect.
