Full Disclosure mailing list archives
Re: FW: Question for DNS pros
From: John Hall <j.hall () f5 com>
Date: Wed, 04 Aug 2004 11:23:53 -0700
Ron DuFresne wrote:
Still following here... adding oneself to the list John mentioned might be the eaisier tack in this situation, and make it so one is not hit by new implimentations, as long as BIG-IP sites are not able to configure themselves out of the do-not-probe listing as well; <John Hall> 3-DNS does maintain a "do-not-probe" list to which you can be added, if the 3-DNS's probe traffic is too obnoxious for you. </John Hall>
The do-not-probe list is maintained per site (or per group of associated 3-DNS's), not globally (although that's an interesting idea that I'll forward to the developers). The whole purpose for this probe traffic is to improve service to the customers of a web site and probes are only sent after a customer's local DNS server queries the 3-DNS. If a customer stops querying the 3-DNS, then after a while, the 3-DNS will stop probing back. We are doing everything we can to avoid generating much probe traffic. The per-site probes should never be more than a few packets per hour in the default configurations and even a really aggressive configuration should generate no more than 16-20 packets per hour per site.
Though, I must admit, I'm none to fond of opt-outs rather than opt-ins.
I agree in most cases, although I do think that with the Internet you just have to have somewhat thicker skin. It's a tradeoff between getting good response when you visit Yahoo, Google, CNN, your bank, etc. and only getting the packets you approve of coming in your wire. I admit that I'm *much* more concerned with the 10000 attempts per day to deliver spam to my personal ".net" domain (which only has 4 valid email destinations) than I am with content delivery network probes that are only sent in response to my browsing. :)
Thanks,
Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
-- John Hall Test Manager - Switch Team F5 Networks, Inc. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: FW: Question for DNS pros, (continued)
- Re: FW: Question for DNS pros Frank Knobbe (Aug 03)
- Re: FW: Question for DNS pros Frank Knobbe (Aug 03)
- Re: FW: Question for DNS pros Paul Schmehl (Aug 03)
- Re: FW: Question for DNS pros Frank Knobbe (Aug 03)
- Re: FW: Question for DNS pros grutz (Aug 03)
- Re: FW: Question for DNS pros John Hall (Aug 03)
- Re: FW: Question for DNS pros Frank Knobbe (Aug 03)
- Re: FW: Question for DNS pros John Hall (Aug 03)
- Re: FW: Question for DNS pros Frank Knobbe (Aug 03)
- Re: FW: Question for DNS pros Ron DuFresne (Aug 03)
- Re: FW: Question for DNS pros John Hall (Aug 04)
- Re: FW: Question for DNS pros John Hall (Aug 04)
- Re: FW: Question for DNS pros Nils Ketelsen (Aug 04)
- Re: FW: Question for DNS pros John Hall (Aug 05)
- Re: FW: Question for DNS pros Mark (Aug 03)
- Re: FW: Question for DNS pros John Hall (Aug 04)
- Re: FW: Question for DNS pros Gary E. Miller (Aug 04)
- Re: FW: Question for DNS pros John Hall (Aug 05)
- Re: FW: Question for DNS pros Gary E. Miller (Aug 05)