[50666] in North American Network Operators' Group
RE: Deaggregating for emergency purposes
daemon@ATHENA.MIT.EDU (Brad Knowles)
Tue Aug 6 19:21:33 2002
In-Reply-To:
<Pine.LNX.4.20.0208061822210.3196-100000@www.everquick.net>
Date: Wed, 7 Aug 2002 00:05:44 +0200
To: "E.B. Dreger" <eddy+public+spam@noc.everquick.net>,
nanog@merit.edu
From: Brad Knowles <brad.knowles@skynet.be>
Errors-To: owner-nanog-outgoing@merit.edu
At 6:38 PM +0000 2002/08/06, E.B. Dreger wrote:
> So explain how this is superior to DNS entr(y|ies) stating who
> your peers and upstreams are. And there's nothing to say that
> one could not specify allowed filters in DNS, too.
You don't want to do this with DNS. Trust me. There are far too
many seriously screwed up nameservers out there -- including many TLD
nameservers, and even some mildly mis-configured root nameservers.
Until such time as these issues get addressed (either DNS
software gets more idiot-resistant, or we have DNSSEC and things like
cache pollution are basically impossible), you want to find other
ways to handle these sorts of things.
--
Brad Knowles, <brad.knowles@skynet.be>
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.
GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E W+++(--) N+ !w---
O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)
