[194129] in North American Network Operators' Group
Re: [NOC] ARIN contact needed: something bad happens with legacy
daemon@ATHENA.MIT.EDU (Jared Mauch)
Fri Mar 17 13:18:25 2017
X-Original-To: nanog@nanog.org
Date: Fri, 17 Mar 2017 13:17:56 -0400
From: Jared Mauch <jared@puck.Nether.net>
To: =?iso-8859-1?Q?Bj=F8rn?= Mork <bjorn@mork.no>
In-Reply-To: <87var76ejg.fsf@miraculix.mork.no>
Cc: noc@computing.kiae.ru, "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
On Fri, Mar 17, 2017 at 05:42:11PM +0100, Bjørn Mork wrote:
> William Herrin <bill@herrin.us> writes:
> > On Fri, Mar 17, 2017 at 7:52 AM, Romeo Zwart <rz+nng@zwart.com> wrote:
> >> RIPE NCC have issued a statement about the issue here:
> >>
> >> https://www.ripe.net/ripe/mail/archives/dns-wg/2017-March/003394.html
> >>
> >> Our apologies for the inconvenience caused.
> >
> > Hmm. That sounds like an ARIN-side bug too. ARIN's code responded to
> > corrupted data by zeroing out the data instead of using the last known good
> > data. That's awfully brittle for such a critical service.
>
> Well, it was a nice smoke test of the "RDNS required" anti-feature. All
> of a sudden we couldn't even send email to ourselves, having smarthosts
> in one of the affected zones. Nice.
>
> Maybe time to re-evaluate the usefulness of that config...
or proper whitelisting of your own infrastructure :-)
- Jared
--
Jared Mauch | pgp key available via finger from jared@puck.nether.net
clue++; | http://puck.nether.net/~jared/ My statements are only mine.
