> On Fri, 29 Sep 2006, Mohsen Souissi wrote:
>
> > via an "official" channel, *what* really happens and *how* it happens.
>
> What really happens is that system administrators misconfigure DNS
> servers so that they forward queries for local address space to global
> servers (frequently the roots). This traffic can't properly be answered
> by the roots or by in-addr.arpa zone.
>
> The remedy to this problem is twofold:
> 1) relieve this traffic from the root servers
> 2) get system administrators to properly configure their nameservers.
>
> One solution proposed has been AS112. The question is whether this is a
> good solution. There is another solution, and I think better
>
> Lets think about what the best solution is, before we jump into one
> particular, and complicated, solution.
>
> Could you address why it is you think the simpler and approach below
> should not be recommended by the working group?
>
> Thanks,
>
> --Dean
>
> ----------
>
> The better approach is for the WG to recommend to the in-addr.arpa
> maintainer to put in delegations for 168.192.in-addr.arpa et al to be
> delegated to 127.0.0.1. These delegation records should have the maximum
> TTL.
Because it also breaks responses to queries from nameservers that
are NOT using these addresses.
> This approach has two beneficial effects that AS112 doesn't
> offer:
>
> 1) The nameserver operator with the misconfigured nameserver will begin
> getting "recursion to self" errors, which will prompt corrective action.
>
> 2) The delegation records will be cached on the local nameserver,
> reducing unnecessary traffic from the misconfigured nameserver.
Because it only works when you get responses *back*. A
large amout of this traffic is non-repliable by the roots.
> --
> Av8 Internet Prepared to pay a premium for better service?
> www.av8.net faster, more reliable, better service
> 617 344 9000
>
>
>
> .
> dnsop resources:_____________________________________________________
> web user interface: http://darkwing.uoregon.edu/~llynch/dnsop.html
> mhonarc archive: http://darkwing.uoregon.edu/~llynch/dnsop/index.html
--
ISC Training! October 16-20, 2006, in the San Francisco Bay Area,
covering topics from DNS to DHCP. Email [EMAIL PROTECTED]
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: [EMAIL PROTECTED]
.
dnsop resources:_____________________________________________________
web user interface: http://darkwing.uoregon.edu/~llynch/dnsop.html
mhonarc archive: http://darkwing.uoregon.edu/~llynch/dnsop/index.html
