Re: [NOC] ARIN contact needed: something bad happens with legacy IPv4 block's reverse delegations

[John Curran <jcurran () arin net>]

On 17 Mar 2017, at 12:26 PM, William Herrin <bill () herrin us<mailto:bill () herrin us>> wrote:

On Fri, Mar 17, 2017 at 7:52 AM, Romeo Zwart <rz+nng () zwart com<mailto:rz%2Bnng () zwart com>> wrote:
> RIPE NCC have issued a statement about the issue here:
>
>  https://www.ripe.net/ripe/mail/archives/dns-wg/2017-March/003394.html
>
> Our apologies for the inconvenience caused.

Hmm. That sounds like an ARIN-side bug too. ARIN's code responded to corrupted data by zeroing out the data instead of 
using the last known good data. That's awfully brittle for such a critical service.

Agreed in principle - receiving incorrect data (improperly formatted, corrupted, or not properly signed)
should result in appropriate notice and no change to the running system.  This is actually the case with
ARIN’s systems.

However, we received a properly formatted and signed zonelet file, albeit one which contained zero
records.   APNIC also received similar correctly formatted/signed zonelet files as a record of the RIPE
bug, and the three RIRs have been working closely together to get the correct RIPE data loaded back
into our authoritative DNS systems.

Thanks!
/John

John Curran
President and CEO
ARIN