[46958] in North American Network Operators' Group
Re: is your host or dhcp server sending dns dynamic updates for
daemon@ATHENA.MIT.EDU (Derek J. Balling)
Fri Apr 19 08:57:32 2002
Mime-Version: 1.0
Message-Id: <p0511171fb8e5c330a44d@[10.15.49.142]>
In-Reply-To: <20020418235759.87A1928B6E@as.vix.com>
Date: Fri, 19 Apr 2002 08:56:53 -0400
To: nanog@merit.edu
From: "Derek J. Balling" <dredd@megacity.org>
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
Errors-To: owner-nanog-outgoing@merit.edu

At 4:57 PM -0700 4/18/02, Paul Vixie wrote:
>what these files are is a whole lot of lines that look like (broken by me):
>
>18-Apr-2002 16:16:05.491 security: notice: \
> denied update from [63.198.141.30].2323 for "168.192.in-addr.arpa" IN
>
>by "a whole lot" i mean we've logged 3.3M of these in the last four hours.
>
>so who are these people and why are they sending dynamic updates for rfc1918
>address space PTR's?

Maybe I'm stupid (it wouldn't be the first time).

Why do we bother having "public" nameservers answering for this space at all?

Why don't we have "blackhole-[12].iana.org" have A records of
"127.0.0.1"? Then, if the local resolver doesn't have authority for
that network, it'll loopback to itself looking for the answer
(failing just as miserably as it would by beating up on the IANA.ORG
servers, but without wasting anyone's bandwidth).

I'm sure there's a reason why we don't already do this (or something
similar), but can someone educate me as to why that is?

D
--
+---------------------+-----------------------------------------+
| dredd@megacity.org | "Thou art the ruins of the noblest man |
| Derek J. Balling | That ever lived in the tide of times. |
| | Woe to the hand that shed this costly |
| | blood" - Julius Caesar Act 3, Scene 1 |
+---------------------+-----------------------------------------+
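
Added example, not part of the original message or of BIND: a tally of the "denied update" notices quoted above by source address and zone, restricted to RFC 1918 reverse zones, to show which hosts are sending them. The log lines in `SAMPLE` are constructed (only the first copies the address and zone from the quoted line), and the regex assumes the line has been rejoined into the single-line form shown in the quote.

```python
import re
from collections import Counter

# The notice as quoted in the thread, rejoined onto one line.
DENIED = re.compile(
    r'security: notice: denied update from \[(?P<src>[0-9.]+)\]\.(?P<port>\d+) '
    r'for "(?P<zone>[^"]+)"'
)

def is_rfc1918_reverse(zone):
    """True if zone is at or below the reverse zone for 10/8, 172.16/12 or 192.168/16."""
    labels = zone.lower().rstrip(".").split(".")
    if labels[-2:] != ["in-addr", "arpa"]:
        return False
    octets = labels[:-2][::-1]  # reverse zones list octets in reverse order
    if not octets or not all(o.isdigit() for o in octets):
        return False
    o = [int(x) for x in octets]
    if o[0] == 10:
        return True
    if len(o) >= 2 and o[0] == 172 and 16 <= o[1] <= 31:
        return True
    return len(o) >= 2 and o[0] == 192 and o[1] == 168

def tally(lines):
    """Count denied updates for RFC 1918 reverse zones per (source, zone)."""
    counts = Counter()
    for line in lines:
        m = DENIED.search(line)
        if m and is_rfc1918_reverse(m.group("zone")):
            counts[(m.group("src"), m.group("zone"))] += 1
    return counts

# Constructed sample input (documentation addresses except the first line).
PFX = "18-Apr-2002 16:16:05.491 security: notice: denied update from "
SAMPLE = [
    PFX + '[63.198.141.30].2323 for "168.192.in-addr.arpa" IN',
    PFX + '[192.0.2.7].1045 for "10.in-addr.arpa" IN',
    PFX + '[192.0.2.7].1046 for "10.in-addr.arpa" IN',
    PFX + '[198.51.100.9].3001 for "16.172.in-addr.arpa" IN',
    PFX + '[198.51.100.9].3002 for "example.com" IN',   # not a reverse zone
    PFX + '[198.51.100.9].3003 for "32.172.in-addr.arpa" IN',  # outside 172.16/12
    "18-Apr-2002 16:16:06.000 general: info: unrelated line",
]

if __name__ == "__main__":
    for (src, zone), n in tally(SAMPLE).most_common():
        print(f"{n:6d}  {src:15s}  {zone}")
```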