Joe Abley wrote:
> On 26 Nov 2014, at 14:06, Warren Kumari <[email protected]> wrote:
>
> > What's wrong with 127.0.0.1? It makes it clear what the intent is, and
> > you don't get a much more distributed sinkhole than that...
>
> I'm always wary of using 127.0.0.1 for anything that doesn't really mean "you
> should talk to yourself". Without a comprehensive knowledge of the impact,
> you don't know what you're blowing up.

Indeed, some recursive DNS servers won't even attempt to send queries to
127.0.0.1 by default. (Unbound's "do-not-query-localhost: yes" default.)

> > If there really is a use case, let's try and get a block allocated,
> > and encourage folk to anycast -> null0 for this.
>
> https://github.com/ableyjoe/draft-jabley-well-known-sinkhole
>
> Needs text. Not submitted. Co-authors welcome.

    A common method for dealing with unwanted traffic is to direct that
    traffic at nominated addresses within a network that are null-routed;
    that is, packets with such destination addresses are discarded
    silently by routers with a null route for that destination
    configured. These addresses are colloquially known as sinkholes, by
    analogy with the same term used in Physical Geography to describe a
    hole in the ground formed by some form of collapse of the surface
    layer, into which objects may fall and be lost forever.

My colloquial understanding is that a "blackhole" discards traffic while
a "sinkhole" is a routed network address which gathers information from
the inbound packets. Some even use the term "sinkhole" to mean a network
address that returns application-specific responses. E.g., the Conficker
Working Group deployed "HTTP sinkholes" which listen on 80/tcp and
capture HTTP requests from infected hosts.

So, I would consider s/sinkhole/blackhole/g, at least.

-- 
Robert Edmonds
