nanog mailing list archives
RE: large organization nameservers sending icmp packets to dns servers.
From: "David Schwartz" <davids () webmaster com>
Date: Tue, 7 Aug 2007 23:11:19 -0700
On Aug 7, 2007, at 4:33 PM, Donald Stahl wrote:
If you don't like the rules- then change the damned protocol. Stop just doing whatever you want and then complaining when other people disagree with you.
I think this last part is the key.
Remember the old adage: "My network, My rules"? Have we forgotten that?
No, that's the point. The Internet is based on cooperation. You can run your network however you want, but if you fail to cooperate, other people will exercise their right to run their network how they want by blacklisting you.
Should I not block ports for MS protocols when a new worm spreads because it would break the E-2-E principal? What about spam filtering? Or a myriad of other things. Everyone here is breaking some RFC somehow. And most of us don't give a rats ass. Which is the way it should be.
Fine, so long as you don't break the promises you make to other networks. If you do that, you wreck the cooperation fabric the Internet is based on.
But when you decide that YOUR violation is MY problem to fix, then you are just being silly. And worse, annoying. Let's all just agree to run our own networks the way we damned well please, as long as we are not hurting anyone else. We just have to define "omplaining to you about things I b0rk'ed by myself" as "hurting you". Which isn't a stretch, support costs money, and costing me money because you screwed up is definitely hurtful.
When you promise to provide a service to anyone who asks for it and then fail to, you impose costs on other people. Failing to resolve names that you claim you will resolve is just such a failure. It forces other people's resolvers to do extra work to get the information they need or they just can't get it. This is, IMO, the type of cooperation failure that justifies blacklisting. DS
Current thread:
- Re: large organization nameservers sending icmp packets to dns servers., (continued)
- Re: large organization nameservers sending icmp packets to dns servers. Paul Vixie (Aug 09)
- Re: large organization nameservers sending icmp packets to dns servers. Valdis . Kletnieks (Aug 09)
- Re: large organization nameservers sending icmp packets to dns servers. Paul Vixie (Aug 09)
- Re: large organization nameservers sending icmp packets to dns servers. Valdis . Kletnieks (Aug 10)
- Re: large organization nameservers sending icmp packets to dns servers. Douglas Otis (Aug 10)
- Re: large organization nameservers sending icmp packets to dns servers. Paul Vixie (Aug 10)
- Re: large organization nameservers sending icmp packets to dns servers. Roland Dobbins (Aug 10)
- Re: large organization nameservers sending icmp packets to dns servers. John Kristoff (Aug 10)
- Re: large organization nameservers sending icmp packets to dns servers. David Conrad (Aug 07)
- Re: large organization nameservers sending icmp packets to dns servers. Patrick W. Gilmore (Aug 07)
- RE: large organization nameservers sending icmp packets to dns servers. David Schwartz (Aug 07)
- Re: large organization nameservers sending icmp packets to dns servers. Patrick W. Gilmore (Aug 08)
- Re: large organization nameservers sending icmp packets to dns servers. Valdis . Kletnieks (Aug 08)
- RE: large organization nameservers sending icmp packets to dns servers. Jason J. W. Williams (Aug 07)
- Re: large organization nameservers sending icmp packets to dns servers. Kevin Oberman (Aug 08)
- Industry best practices (was Re: large organization nameservers sending icmp packets to dns servers) Sean Donelan (Aug 08)
- Re: Industry best practices (was Re: large organization nameservers sending icmp packets to dns servers) Doug Barton (Aug 09)
- Re: Industry best practices (was Re: large organization nameservers Paul Vixie (Aug 09)
- Re: Industry best practices (was Re: large organization nameservers Sean Donelan (Aug 11)
- Re: large organization nameservers sending icmp packets to dns servers. Valdis . Kletnieks (Aug 07)
- Re: large organization nameservers sending icmp packets to dns servers. Patrick W. Gilmore (Aug 07)