nanog mailing list archives
RE: Kill Verisign Routes :: A Dynamic BGP solution
From: "David Schwartz" <davids () webmaster com>
Date: Thu, 18 Sep 2003 15:38:12 -0700
I wanted to discuss the merits of the following:
I have written a proof of concept solution to nuke a route to sitefinder. Code to those who care or to the list if anyone cares. Perl is your friend :)
Basic concept: Use Net::BGP to set up a peering session with my route server. Query DNS for *.com and *.net on x interval. Then take the answers (if they are valid A records) and inject them into the route server (which in our case is used solely to feed a blackhole network to sink traffic from APNIC space, etc).
If an address no longer appears in the DNS (i.e. the idiots switched hosts), withdraw the route. If they set up multiple hosts, it will catch each one of them. You can set the polling interval as you please.
Thoughts?
I think the whole idea of getting into an escalating technical war with Verisign is extremely bad. Your suggestion only makes sense if you expect Verisign to make changes to evade technical solutions. Each such change by Verisign will cause more breakage. Verisign will either provide a way to definitively, quickly, and easily tell that a domain is not registered or Verisign will badly break COM and NET. DS
Current thread:
- Kill Verisign Routes :: A Dynamic BGP solution Eric Germann (Sep 18)
- RE: Kill Verisign Routes :: A Dynamic BGP solution David Schwartz (Sep 18)
- RE: Kill Verisign Routes :: A Dynamic BGP solution Eric Germann (Sep 18)
- RE: Kill Verisign Routes :: A Dynamic BGP solution David Schwartz (Sep 18)
- RE: Kill Verisign Routes :: A Dynamic BGP solution Eric Germann (Sep 18)
- Re: Kill Verisign Routes :: A Dynamic BGP solution Stephen J. Wilcox (Sep 18)
- Re: Kill Verisign Routes :: A Dynamic BGP solution Damian Gerow (Sep 18)
- RE: Kill Verisign Routes :: A Dynamic BGP solution Eric Germann (Sep 18)
- <Possible follow-ups>
- RE: Kill Verisign Routes :: A Dynamic BGP solution Eric Germann (Sep 19)
- RE: Kill Verisign Routes :: A Dynamic BGP solution David Schwartz (Sep 18)