[EMAIL PROTECTED] (William F. Maton Sotomayor) writes:
At this point, I'd like to see the current pair of drafts move forward,
and would cast this particular issue as the subject of some sort of
other document.
likewise, me.
--
Paul Vixie
___
Dear colleagues,
Not to pick on Mark, but I have the sinking feeling that this
discussion is a good example of why some operators think the IETF
doesn't understand operational problems.
On Sat, Apr 05, 2008 at 10:07:54AM +1100, Mark Andrews wrote:
I said COPY. I did not say THEIR OWN
Dear colleagues,
Not to pick on Mark, but I have the sinking feeling that this
discussion is a good example of why some operators think the IETF
doesn't understand operational problems.
On Sat, Apr 05, 2008 at 10:07:54AM +1100, Mark Andrews wrote:
I said COPY. I did not say
* Mark Andrews:
There really is only one solution to preventing bogus
traffic reaching the root servers and that is to run a local
copy of the root zone.
Or sign the root and use aggressive negative caching (which is currently
prohibited by the RFCs, I'm told).
I agree that
* Joe Baptista:
I agree that information leakage is a problem. Curiously enough, no
root server or TLD operators that I know of has published some sort of
privacy statement that underlines how they deal with this issue.
They are not the ones generating this traffic. Its users as they cross
On Sun, Apr 6, 2008 at 9:15 AM, Florian Weimer [EMAIL PROTECTED] wrote:
It means that everybody who can make a BGP announcement can legitimately
hijack DNS traffic to those TLDs. Is this really what we want?
Thats an AS112 security issue. Are they to be trusted? Maybe? Maybe not.
AS112
On Fri, Apr 04, 2008 at 11:19:58AM -0400, Andrew Sullivan wrote:
On Fri, Apr 04, 2008 at 07:37:31AM -0700, David Conrad wrote:
...
I can just imagine the hue and cry that would happen when new top
level domains don't work for everybody.
Or in a future, actually very far from today, when DS
On Apr 4, 2008, at 8:30 AM, Frederico A C Neves wrote:
On Fri, Apr 04, 2008 at 11:19:58AM -0400, Andrew Sullivan wrote:
On Fri, Apr 04, 2008 at 07:37:31AM -0700, David Conrad wrote:
...
I can just imagine the hue and cry that would happen when new top
level domains don't work for everybody.
Andrew,
On Apr 4, 2008, at 10:08 AM, Andrew Sullivan wrote:
A self-correcting problem. The folks that are affected are the ones
using the non-updated server and no one else.
The problem is that those folks are _exactly_ the people who don't
understand any of this Internet plumbing anyway.
Hi all.
I fully agree with Andrew that the cause is far worse than the disease.
I don't think the disease is life threatening. I keep hearing about the
Problem of bogus queries to the root. It is certainly messy and ugly but from
my perspective as an operator it is more of irritant than
On Fri, Apr 04, 2008 at 07:37:31AM -0700, David Conrad wrote:
On Apr 4, 2008, at 7:02 AM, Andrew Sullivan wrote:
On Fri, Apr 04, 2008 at 02:16:32PM +1100, Mark Andrews wrote:
er, it (the bogus ttraffic) still reaches the root.
just your copy of the root, not mine.
On Thu, Apr 03, 2008 at 12:00:11AM -0500, Joe Abley wrote:
it's barely worth suggesting them. Call me cynical :-)
Or on the money. Whichever fits :-)
A
--
Andrew Sullivan
[EMAIL PROTECTED]
+1 503 667 4564 x104
http://www.commandprompt.com/
___
There really is only one solution to preventing bogus
traffic reaching the root servers and that is to run a local
copy of the root zone.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET:
On 1 Apr 2008, at 13:38 , William F. Maton Sotomayor wrote:
I suppose I should dust off my notes on this issue and hammer
something
out, as there were some on this list who were interested in seeing a
proposal. Mind you, I wonder if the WG might be out of scope for
dealing
with 'junk'
Edward Lewis wrote:
At 12:57 -0800 12/3/07, Brian Dickson wrote:
What are the pros/cons of this, other than the obvious offloading
of junk TLD lookups?
From http://www.nanog.org/mtg-0310/pdf/wessels.pdf:
See (unnumbered) slide Punchline from Last Year's Talk:
Category
At 10:35 -0700 4/1/08, Sebastian Castro Avila wrote:
Sorry for the late response. About this matter, using the data collected
at the root server instances participating in DITL 2007, we found 24.73%
of the queries seen at the roots were for invalid TLD's.
Doing an analysis per root, the numbers
On Tue, 1 Apr 2008, Sebastian Castro wrote:
So the data seems to be useful (but not complete). Once we got all the
data for DITL 2008 we could try to run the same test and look for
trends.
But it is a good start in having a look at the problem (or if anyone could
consider to be a problem).
* Stephane Bortzmeyer:
I cannot find another report about the TLDs most often queried at a
root name server. Other reports I've seen aggregated data, while this
small glimpse, however partial, at least *names* the TLDs.
All the non-existing TLDs queried are local domains (such as Apple's
[EMAIL PROTECTED] (Masataka Ohta) wrote:
Zone transfer is the mechanism.
You then don't have to use AS112 to absorb the load. The local
resolver will answer the query.
It will be an interesting experiment to let AS112 nameservers offer
root zone transfer for any client.
Would
On Mon, 3 Dec 2007, Phil Regnauld wrote:
The first step is to decide whether delegating to AS112 is reserved
to standardized (read: RFC) zones, like RFC1918, 169.254, etc..., or
whether anything sufficiently large -- and bogus -- is sufficient.
Step 0 of course is to
On 03 Dec, Brian Dickson wrote:
| I wonder if it is even necessary to enumerate/instantiate the junk TLDs?
|
| Given that root servers have (by definition) *the* authoritative list of
| TLDs, everything else is junk.
|
| Would not it make sense to put in wildcard delegations to AS112?
|
Mark Andrews wrote:
We should be looking at mechanisms to allow the root zone to
be distributed to every iterative resolver in the world.
You then don't have to use AS112 to absorb the load. The local
resolver will answer the query.
For the last two years
On Wed, Nov 28, 2007 at 10:55:44AM +0100, Peter Koch wrote:
On Tue, Nov 27, 2007 at 02:35:29PM -0800, John Crain wrote:
Currently about 60% New IP to 40% old IP... and rising slowly
So clearly a lot of folks still need to up date their hints files :(
part of that traffic will be due
On Wed, 28 Nov 2007, Peter Koch wrote:
On Tue, Nov 27, 2007 at 02:35:29PM -0800, John Crain wrote:
Currently about 60% New IP to 40% old IP... and rising slowly
So clearly a lot of folks still need to up date their hints files :(
part of that traffic will be due to old hints files,
On Wed, Nov 28, 2007 at 10:58:17AM -0500, Matt Larson wrote:
On Wed, 28 Nov 2007, Peter Koch wrote:
On Tue, Nov 27, 2007 at 02:35:29PM -0800, John Crain wrote:
Currently about 60% New IP to 40% old IP... and rising slowly
So clearly a lot of folks still need to up date their hints
On Wed, Nov 28, 2007 at 05:15:59PM +0100, bert hubert wrote:
On Wed, Nov 28, 2007 at 04:07:59PM +, [EMAIL PROTECTED] wrote:
and perhaps more interesting, the old address for B
showed a tapering off of traffic and then an INCREASE
last year. Old L and J got their numbers
On Wed, Nov 28, 2007 at 04:22:41PM +, [EMAIL PROTECTED] wrote:
The increase in traffic might easily be due to more favourable connectivity
to 'B', which would lead many resolver implementations to shift more queries
to it.
Bert
old B topolgy didnt change... :)
On Wed, Nov 28, 2007 at 05:28:47PM +0100, bert hubert wrote:
On Wed, Nov 28, 2007 at 04:22:41PM +, [EMAIL PROTECTED] wrote:
The increase in traffic might easily be due to more favourable
connectivity
to 'B', which would lead many resolver implementations to shift more
queries
Phil Regnauld wrote:
Stephane Bortzmeyer (bortzmeyer) writes:
I cannot find another report about the TLDs most often queried at a
root name server. Other reports I've seen aggregated data, while this
small glimpse, however partial, at least *names* the TLDs.
I'm posting the comments
Hi Joe,
It is exactly reflective of traffic as seen at l.root-servers.net and
measured by DSC. there is no trickery, plots or evil schemes involved.
Shame that your paranoia gets the better of you;)
Those are percentages not queries indeed. Total queries varies between
8Kq/s and 10Kq/s
John Crain wrote:
Hi Joe,
It is exactly reflective of traffic as seen at l.root-servers.net and
measured by DSC. there is no trickery, plots or evil schemes involved.
Shame that your paranoia gets the better of you;)
Your right. There is no trickery, plots or evil schemes involved. I
John Crain wrote:
Hi Joe.
I didn't do the math, I was using DSC.
I'm sure I could figure it out with some DSC tweaking...
However with beign completely unscientific and measuring rates
averaging from 8kq/s (low) to 10kq/s (high) over a 24hr period
it's between 691.2 million and 864
Hi Joe.
I didn't do the math, I was using DSC.
I'm sure I could figure it out with some DSC tweaking...
However with beign completely unscientific and measuring rates
averaging from 8kq/s (low) to 10kq/s (high) over a 24hr period
it's between 691.2 million and 864 million queries. So a
33 matches
Mail list logo