[62543] in North American Network Operators' Group
Re: Kill Verisign Routes :: A Dynamic BGP solution
daemon@ATHENA.MIT.EDU (Stephen J. Wilcox)
Thu Sep 18 18:51:45 2003
Date: Thu, 18 Sep 2003 22:51:08 +0000 (GMT)
From: "Stephen J. Wilcox" <steve@telecomplete.co.uk>
To: Eric Germann <ekgermann@cctec.com>
Cc: nanog@nanog.org
In-Reply-To: <NDBBJJPLIGJGLBKILFIHCEFCMGAA.ekgermann@cctec.com>
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, 18 Sep 2003, Eric Germann wrote:
>
> I wanted to discuss the merits of the following:
>
> I have written a proof of concept solution to nuke a route to sitefinder.
> Code to those who care or to the list if anyone cares. Perl is your friend
> :)
>
> Basic concept: Use Net::BGP to set up a peering session with my route
> server. Query DNS for *.com and *.net on x interval. Then take the answers
> (if they are valid A records) and inject them into the route server (which
> in our case is used solely to feed a blackhole network to sink traffic from
> APNIC space, etc).
>
> If an address no longer appears in the DNS (i.e. the idiots switched hosts),
> withdraw the route. If they set up multiple hosts, it will catch each one
> of them. You can set the polling interval as you please.
>
> Thoughts?
So totallymadeupdomain.com now resolves but is unreachable. That will prevent
you from bouncing emails to non-existent domains immediately..
Steve
