On 26 Nov 2014, at 17:05, Florian Lohoff <[email protected]> wrote: > On Wed, Nov 26, 2014 at 04:10:07PM -0500, Joe Abley wrote: > >> On 26 Nov 2014, at 14:06, Warren Kumari <[email protected]> wrote: >> >>> What's wrong with 127.0.0.1? It makes it clear what the intent is, and >>> you don't get a much more distributed sinkhole than that... >> >> I'm always wary of using 127.0.0.1 for anything that doesn't really mean "you >> should talk to yourself". Without a comprehensive knowledge of the impact, >> you don't know what you're blowing up. >> >>> If there really is a use case, let's try and get a block allocated, >>> and encourage folk to anycast -> null0 for this. >> >> https://github.com/ableyjoe/draft-jabley-well-known-sinkhole >> >> Needs text. Not submitted. Co-authors welcome. > > Would it make sense to also mention an probably seperate address which should > generate host unreachables? This should most likely be rate limited > and probably tcp only or something.
My mental picture of a sinkhole is a hole into which things can be thrown without fear that they will come back out. What you're talking about sounds more like a volcano, which I would feel less happy standing next to with my bags of garbage. :-) > For certain scenarios a quick "nothing here" could be useful > > E.g. sending smtp backscatter to a sink-hole or botnet command > and control server. Can you explain in more detail? I don't think I'm getting it. If an end-user does something that triggers a packet to be sinkholed, who benefits if the sinkhole sources a packet back? This sounds like something that could be used to coordinate anonymous sinkhole backscatter towards arbitrary victims. Joe
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
