[96696] in North American Network Operators' Group
Re: Interesting new dns failures
daemon@ATHENA.MIT.EDU (Edward Lewis)
Mon May 21 17:18:53 2007
In-Reply-To: <Pine.LNX.4.21.0705211549260.18599-100000@linuxbox.org>
Date: Mon, 21 May 2007 17:09:55 -0400
To: nanog@merit.edu
From: Edward Lewis <Ed.Lewis@neustar.biz>
Cc: ed.lewis@neustar.biz
Errors-To: owner-nanog@merit.edu
At 3:50 PM -0500 5/21/07, Gadi Evron wrote:
>As to NS fastflux, I think you are right. But it may also be an issue of
>policy. Is there a reason today to allow any domain to change NSs
>constantly?
Although I rarely find analogies useful when trying to explain
something, I want to use one now to see if I understand this.
Let's say you rob convenience stores as a career choice. Once your
deed is done, you need to get away fast. So moving fast is a real
help to criminals. Since moving fast is rarely helpful for decent
folk, maybe we should just slow every one down - this certainly would
make it easier for law enforcement to catch the criminals.
If the above is not an accurate analogy to the NS fastflux issue, I'd
like to know what the deviations are. I don't doubt there are any,
but from what little I've gathered, the problem isn't the NS fastflux
but the activity that it hides - if it is indeed hiding activity. As
in, not every one speeding around town is running from the law.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis +1-571-434-5468
NeuStar
Sarcasm doesn't scale.
