[33416] in North American Network Operators' Group
Re: net.terrorism
daemon@ATHENA.MIT.EDU (Adrian Chadd)
Wed Jan 10 02:14:53 2001
Date: Wed, 10 Jan 2001 15:12:44 +0800
From: Adrian Chadd <adrian@creative.net.au>
To: John Payne <john@sackheads.org>
Cc: nanog@merit.edu
Message-ID: <20010110151244.K79667@ewok.creative.net.au>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20010109174224.P10114@haybaler.sackheads.org>; from john@sackheads.org on Tue, Jan 09, 2001 at 05:42:24PM -0800
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, Jan 09, 2001, John Payne wrote:
> On Tue, Jan 09, 2001 at 09:49:50PM +0800, Adrian Chadd wrote:
> > I'd rather get partial announcements than traffic-filtered announcements.
> > That way, my other network pipes (which hopefully have a path without
> > above.net in it to vuurwerk) will take over. above.net are happy.
> > vuurwerk is happy. life is good. no bitching or extra configuration.
>
> personally speaking, and no disrespect to any abovenet network engineers, or anyone
> else, but I would *MUCH* rather a solution which doesn't involve them logging
> onto several routers to block 1 route (I don't know how many places abovenet peer
> with uunet, but I'll bet that its more than 1 place)
>
> a) Add a blackhole route (1 config change)
> b) Tag/block route on ingress (X config changes)
> c) block route on egress (Y config changes)
That in itself is bogus. How many MXes do you run? Can you seriously
tell me that every time you add a domain to your MX servers you consider
the updates "too difficult" ?
I mean, going by what you said above, we might as well run open relays.
That way, whenever we add new domains, thats 1 config change to your
primary MX host to accept mail, and bewm! it works!
Thats what scripts and other automata are for.
Adrian
--
Adrian Chadd "Sex Change: a simple job of outside
<adrian@creative.net.au> to inside plumbing."
- Some random movie
