[121907] in North American Network Operators' Group
Re: Default route with object tracking
daemon@ATHENA.MIT.EDU (Steven Bellovin)
Mon Feb 1 11:36:55 2010
From: Steven Bellovin <smb@cs.columbia.edu>
In-Reply-To: <75cb24521002010826m3a7978b5l36f2a12dc81a98c5@mail.gmail.com>
Date: Mon, 1 Feb 2010 11:36:18 -0500
To: Christopher Morrow <morrowc.lists@gmail.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Feb 1, 2010, at 11:26 AM, Christopher Morrow wrote:
> On Mon, Feb 1, 2010 at 10:47 AM, Curtis Maurand <cmaurand@xyonet.com> =
wrote:
>>=20
>> I'd rather send him to something more open like kernel.org; anything =
but
>> Google's DNS. Google's DNS is a little too nefarious for my taste.
>=20
> <tinfoil hat off>
> nefarious? as a route object to track for selection of a default =
route? really?
> </tinfoil hat off>
>=20
> I think watching something 'very stable' like.... 198.6.0.0/16 may be
> useful, but in the end "pick some route that's long lived and not in
> just your upstream's control', that you see via both upstreams." seems
> like the best option.
I think that a better word than "nefarious" would be "smart" -- Google's =
DNS may be doing its own optimizations which may conflict with your =
"route that's long lived" constraint.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
