Re: Open Letter to D-Link about their NTP vandalism

["Rubens Kuhl Jr." <rubensk () gmail com>]

> > I think he should use dns views to answer the queries to gps.dix.dk and either:
> > ( a ) answer 127.0.0.1 to all queries from outside his service area
> > ( b ) answer a D-Link IP address to all queries from outside his
> > service area (which could lead to getting their attention; dunno if
> > from their engineers or from their lawyers).
>
> Neither of which would solve the problem of his bandwidth being used by
> these, although (b) might actually serve to get their attention.

This reduces the bandwidth, as instead of dropping NTP packets, they
would never come to him in the first place.

> Perhaps as a thanks to him for the public service he provides the DIX,
> all of the users at DIX could set their external routers to reject
> incoming NTP packets from networks other than their own? Or even combine

Which still would require him to answer DNS requests for gps.dix.de.

> that with (b), although it might be more effective if it targeted, oh,
> www.dlink.com instead of an IP address.

Answering with CNAME instead of A is a good enhancement of the
original idea... :-)

> Then at least it would not be taking up internal DIX bandwidth capacity.

It still would require him to answer the DNS requests. Only way to
addres that is everybody outside DIX declare gps.dix.de as
www.dlink.com in their resolvers.

> By no means am I encouraging legally actionable activity, however, and
> as noted, (b) just might be.

Motion granted.


Rubens