[54486] in North American Network Operators' Group
Re: COM/NET informational message
daemon@ATHENA.MIT.EDU (Edward Lewis)
Fri Jan 3 15:49:06 2003
In-Reply-To: <Pine.GSO.4.33L0.0301031223060.6078-100000@pants.snark.net>
Date: Fri, 3 Jan 2003 15:48:17 -0500
To: just me <matt@snark.net>, "Verd, Brad" <bverd@verisign.com>
From: Edward Lewis <edlewis@arin.net>
Cc: "'nanog@merit.edu'" <nanog@merit.edu>
Errors-To: owner-nanog-outgoing@merit.edu
At 12:26 -0800 1/3/03, just me wrote:
>Am I the only one that finds this perversion of the DNS protocol
>abhorrent and scary? This is straight up hijacking.
It's scary but I'm not sure it's abhorrent.
The DNS is hit by a lot of bad traffic. E.g., a presentation at the
previous nanog (http://www.nanog.org/mtg-0210/wessels.html) mentioned
that just about 2% of traffic at the roots is "healthy" traffic.
Over the years, there have been servers for 10.in-addr.arpa just to
suck up queries that should have never leaked out the source networks.
It's encouraging that there is an effort to try to clean up the
reasons for bad traffic. It's scary because in some sense the
response is not true (I wouldn't call it hijacking), but when you are
trying to cull out incompatible older editions of software, there's
no safe route (no 'fail safe' method).
And yes, the approach mentioned is optimized for DNS resolution for
web access. Hopefully this doesn't trap, for example, unwary SSH
connections.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis +1-703-227-9854
ARIN Research Engineer
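The 10.in-addr.arpa leakage mentioned in the message above, as an added example that is not part of the original post or the author's own code: a small Python check that scans constructed resolver query-log lines (a simplified BIND-style format is assumed) for reverse (PTR) queries on RFC 1918 space that should never have left the source network, so an operator can catch the leak at the edge instead of relying on a remote sink server to absorb it.

```python
import ipaddress
import re

# Constructed sample query-log lines (simplified BIND-style format); not from any real network.
SAMPLE_LOG = """\
client 192.0.2.10#53124: query: 5.1.168.192.in-addr.arpa IN PTR
client 192.0.2.11#40001: query: www.example.com IN A
client 192.0.2.12#41111: query: 7.0.0.10.in-addr.arpa IN PTR
client 192.0.2.13#42222: query: 1.2.20.172.in-addr.arpa IN PTR
client 192.0.2.14#43333: query: 1.2.40.172.in-addr.arpa IN PTR
client 192.0.2.15#44444: query: 4.4.8.8.in-addr.arpa IN PTR
"""

QUERY_RE = re.compile(r"query: (?P<qname>\S+) IN (?P<qtype>\S+)")

# RFC 1918 space: queries for these reverse zones should be answered locally, never forwarded.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def reverse_name_to_ipv4(qname):
    """Map d.c.b.a.in-addr.arpa (1 to 4 octets) to the IPv4 network it covers; None if not a reverse name."""
    labels = qname.rstrip(".").lower().split(".")
    if len(labels) < 3 or labels[-2:] != ["in-addr", "arpa"]:
        return None
    octets = labels[:-2][::-1]  # reverse names list the least-significant octet first
    if len(octets) > 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        return None
    padded = octets + ["0"] * (4 - len(octets))  # e.g. "10.in-addr.arpa" -> 10.0.0.0/8
    return ipaddress.ip_network(f"{'.'.join(padded)}/{8 * len(octets)}")


def leaked_reverse_query(qname):
    """Return the enclosing RFC 1918 prefix as a string if qname is a reverse name inside it, else None."""
    net = reverse_name_to_ipv4(qname)
    if net is None:
        return None
    for private in PRIVATE_NETS:
        if net.subnet_of(private):
            return str(private)
    return None


def find_leaks(log_text):
    """Return (client, qname, private_prefix) for every PTR query on RFC 1918 space in the log."""
    hits = []
    for line in log_text.splitlines():
        match = QUERY_RE.search(line)
        if not match or match.group("qtype") != "PTR":
            continue
        prefix = leaked_reverse_query(match.group("qname"))
        if prefix:
            client = line.split()[1].split("#")[0]  # "client 192.0.2.10#53124:" -> "192.0.2.10"
            hits.append((client, match.group("qname"), prefix))
    return hits


if __name__ == "__main__":
    for client, qname, prefix in find_leaks(SAMPLE_LOG):
        print(f"leaked PTR query from {client}: {qname} (inside {prefix})")
```

Note that 172.40.x.x is deliberately outside 172.16.0.0/12, so the fifth sample line is not flagged; only the three genuinely private reverse names are reported.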