[63042] in North American Network Operators' Group
Re: Any way to P-T-P Distribute the RBL lists?
daemon@ATHENA.MIT.EDU (Eric A. Hall)
Thu Sep 25 15:33:33 2003
Date: Thu, 25 Sep 2003 14:31:23 -0500
From: "Eric A. Hall" <ehall@ehsco.com>
To: Drew Weaver <drew.weaver@thenap.com>
Cc: "'nanog@merit.edu'" <nanog@merit.edu>
In-Reply-To: <75634F04BFCFD511BF69009027DC86495C6660@mailman.thenap.com>
Errors-To: owner-nanog-outgoing@merit.edu
on 9/24/2003 9:30 PM Drew Weaver wrote:
> I know you all have probably already thought of this, but
> can anyone think of a feasible way to run a RBL list that does not have
> a single point of failure? Or any attackable entry?
Easy. Have the master server only be reachable by replication partners
through a VPN connection, and have dozens of secondaries advertising
through multiple anycast addresses.
--
Eric A. Hall http://www.ehsco.com/
Internet Core Protocols http://www.oreilly.com/catalog/coreprot/
