On 03/17/2017 10:42 AM, Mark Kosters wrote:
> On 3/17/17, 12:26 PM, "NANOG on behalf of William Herrin"
> <nanog-boun...@nanog.org on behalf of b...@herrin.us> wrote:
>> On Fri, Mar 17, 2017 at 7:52 AM, Romeo Zwart <rz+...@zwart.com>
>> wrote:
>>> RIPE NCC have issued a statement about the issue here:
>>> https://www.ripe.net/ripe/mail/archives/dns-wg/2017-March/003394.html
>>> Our apologies for the inconvenience caused.
>> Hmm. That sounds like an ARIN-side bug too. ARIN's code responded to
>> corrupted data by zeroing out the data instead of using the last
>> known good data. That's awfully brittle for such a critical service.
>> Regards, Bill Herrin
> Hi Bill,
> The analysis was not yet complete when the notice went out from RIPE.
> After doing a post-mortem, there were no bugs in ARIN’s software in
> regards to this issue. We followed exactly what RIPE told us to do.
> When we noticed an issue with RIPE’s updates yesterday, we notified
> them as well.
My eyebrows reacted to this the same way Bill's did. It sounds like this
is at least a semi-automated system. Such things should have sanity
checks on the receiving side when told to remove large gobs of data,
even if the instructions validate correctly.
More fundamentally, according to the RIPE report they are sending you
something called "zonelets" which you then process into actual DNS data.
Can you say something about the relative merit of this system, vs.
simply delegating the right zones to the right parties and letting the
DNS do what it was intended to do?
At minimum the fact that this automated system was allowed to wipe out
great chunks of important data calls it into question. And sure, you can
all 3 fix the bugs you found this time around, but up until these bugs
were triggered you all thought the system was functioning perfectly, in
spite of it ending up doing something that obviously was not intended.
Doug
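The receive-side sanity check Bill and Doug are asking for, as an added illustration that is not code from this thread, ARIN or RIPE NCC: an update that would delete more than a small fraction of the last-known-good delegations is refused and the previous data keeps being served. The thread does not describe the zonelet format, so modelling a zonelet as a mapping of delegated owner name to NS targets, the thresholds, and the sample delegations are all constructed assumptions.

```python
from dataclasses import dataclass

# Assumed model: a "zonelet" is a mapping of delegated owner name -> set of NS
# target names. The real zonelet format is not described in the thread.
Zonelet = dict[str, frozenset[str]]

@dataclass(frozen=True)
class Decision:
    accepted: bool
    removed: int
    added: int
    reason: str

def check_zonelet(last_good: Zonelet, incoming: Zonelet,
                  max_removed_fraction: float = 0.10,
                  max_removed_absolute: int = 1000) -> Decision:
    """Refuse an update that removes too many delegations relative to the
    last-known-good zonelet, or that is empty when we previously had data.
    Thresholds are constructed defaults; tune them to the zone's churn."""
    removed = sum(1 for name in last_good if name not in incoming)
    added = sum(1 for name in incoming if name not in last_good)
    if last_good and not incoming:
        return Decision(False, removed, added, "incoming zonelet is empty")
    if last_good:
        fraction = removed / len(last_good)
        if fraction > max_removed_fraction or removed > max_removed_absolute:
            return Decision(False, removed, added,
                            f"removes {removed}/{len(last_good)} delegations "
                            f"({fraction:.0%}); hold for manual review")
    return Decision(True, removed, added, "within thresholds")

def apply_update(last_good: Zonelet, incoming: Zonelet) -> tuple[Zonelet, Decision]:
    """Return what to publish: incoming if accepted, otherwise last_good."""
    decision = check_zonelet(last_good, incoming)
    return (incoming if decision.accepted else last_good), decision

# Constructed sample data; these are not real delegations.
LAST_GOOD: Zonelet = {
    f"{i}.0.192.in-addr.arpa.": frozenset({f"ns1.example-{i}.test."})
    for i in range(100)
}
# Routine update: two delegations dropped, one added.
ROUTINE: Zonelet = {k: v for k, v in LAST_GOOD.items()
                    if k not in ("5.0.192.in-addr.arpa.", "6.0.192.in-addr.arpa.")}
ROUTINE["100.0.192.in-addr.arpa."] = frozenset({"ns1.example-100.test."})
# Corrupted update: sender-side bug emitted a zonelet missing most entries.
CORRUPTED: Zonelet = dict(list(LAST_GOOD.items())[:30])

if __name__ == "__main__":
    for label, incoming in (("routine", ROUTINE), ("corrupted", CORRUPTED)):
        _, d = apply_update(LAST_GOOD, incoming)
        print(f"{label}: accepted={d.accepted} removed={d.removed} "
              f"added={d.added} -> {d.reason}")
```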