[161744] in North American Network Operators' Group
Re: Open Resolver Problems
daemon@ATHENA.MIT.EDU (Nick Hilliard)
Tue Mar 26 11:38:32 2013
X-Envelope-To: nanog@nanog.org
Date: Tue, 26 Mar 2013 15:38:20 +0000
From: Nick Hilliard <nick@foobar.org>
To: ahebert@pubnix.net
In-Reply-To: <5151B987.50302@pubnix.net>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 26/03/2013 15:06, Alain Hebert wrote:
> And why not targeting all that animosity to the peers allowing
> source IP spoofing?
I do - and I gave a bunch of talks in europistan over the last 12 months
which included explicit encouragement, practice and configuration for
implementing BCP38 as part of real-time black hole system deployment.
> DNS Servers don't attack you, people letting their customers spoof
> source IP do.
DNS amp packets attack me. Please stop them from leaving your network, and
I will both implement BCP38 and encourage others to do so. Thank you.
Nick
