Re: An update on the AfriNIC situation

[Sabri Berisha <sabri () cluecentral net>]

----- On Aug 30, 2021, at 12:37 PM, Rubens Kuhl rubensk () gmail com wrote:

Hi,

> > I've ran an RBL for years, which many people used. It closed down more than
> > a decade ago. Out of 100 DNS queries I logged just now with a quick tcpdump
> > on one of my three DNS servers, I counted 51 for rbl.cluecentral.net. That's
> > why I'm advocating to reconsider your carpet-bombing (filter into oblivion)
> > recommendation. People don't remove them.
>
> I understand the risk, but when choosing between that risk and the
> systemic risk for the RIR system, the choice for me is very clear.
> Kinda like removing a malignant tumor.

While I disagree with it, I do understand your point of view.

I'm a proponent of "your network, your rules". But, if you would choose
to filter the netblocks associated with this case, I would recommend that
you filter them in BGP and not ACL them into oblivion. That way your customers
won't be impacted (I have been on the customer end of something like this).

Thanks,

Sabri