nanog mailing list archives
Re: DOS attack against DNS?
From: Paul Vixie <vixie () vix com>
Date: 16 Jan 2006 18:12:25 +0000
joelja () darkwing uoregon edu (Joel Jaeggli) writes:
people inside one of the largest networks have told me that they have customers who require the ability to bypass BCP38 restrictions, and that they will therefore never be fully BCP38 compliant. ...Consider people in the rest of the world who may purchase simplex satellite links. By definition they inject traffic in places they aren't announcing their route from.
yup, those are exactly the customers i was told about. (see above.) however, there's still a way to filter-list the various interfaces -- it's just harder than letting the routing table imply your filter-list for you. also however, if these were the only customers who weren't made to follow BCP38, there would not be a global BCP38-related problem right now. or, as i said before:
i've asked for BCP38 to become the default on all their other present and future customers ...
-- Paul Vixie
Current thread:
- DOS attack against DNS? Roy (Jan 14)
- Re: DOS attack against DNS? Mark Andrews (Jan 14)
- Re: DOS attack against DNS? Jeroen Massar (Jan 15)
- Re: DOS attack against DNS? Mark Andrews (Jan 15)
- Re: DOS attack against DNS? Paul Vixie (Jan 16)
- Re: DOS attack against DNS? Joel Jaeggli (Jan 16)
- Re: DOS attack against DNS? Paul Vixie (Jan 16)
- Re: DOS attack against DNS? Daniel Senie (Jan 16)
- Re: DOS attack against DNS? Mark Andrews (Jan 16)
- Re: DOS attack against DNS? Jeroen Massar (Jan 15)
- Re: DOS attack against DNS? Mark Andrews (Jan 14)
- Re: DOS attack against DNS? bmanning (Jan 15)
- Re: DOS attack against DNS? Paul Vixie (Jan 15)
- Re: DOS attack against DNS? Mark Andrews (Jan 15)
- Re: DOS attack against DNS? william(at)elan.net (Jan 16)
- Re: DOS attack against DNS? Alon Tirosh (Jan 16)
- Re: DOS attack against DNS? Joe Shen (Jan 17)