nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: is your host or dhcp server sending dns dynamic updates for rfc1918?

From: "Derek J. Balling" <dredd () megacity org>
Date: Fri, 19 Apr 2002 08:56:53 -0400

At 4:57 PM -0700 4/18/02, Paul Vixie wrote:

what these files are is a whole lot of lines that look like (broken by me):

18-Apr-2002 16:16:05.491 security: notice: \
        denied update from [63.198.141.30].2323 for "168.192.in-addr.arpa" IN

by "a whole lot" i mean we've logged 3.3M of these in the last four hours.

so who are these people and why are they sending dynamic updates for rfc1918
address space PTR's?


Maybe I'm stupid (it wouldn't be the first time).

Why do we bother having "public" nameservers answering for this space at all?
Why don't we have "blackhole-[12].iana.org" have A records of "127.0.0.1"? Then, if the local resolver doesn't have authority for that network, it'll loopback to itself looking for the answer (failing just as miserably as it would by beating up on the IANA.ORG servers, but without wasting anyone's bandwidth).
I'm sure there's a reason why we don't already do this (or something similar), but can someone educate me as to why that is? 

D

--
+---------------------+-----------------------------------------+
| dredd () megacity org  | "Thou art the ruins of the noblest man  |
|  Derek J. Balling   |  That ever lived in the tide of times.  |
|                     |  Woe to the hand that shed this costly  |
|                     |  blood" - Julius Caesar Act 3, Scene 1  |
+---------------------+-----------------------------------------+
Previous By Date Next
Previous By Thread Next

Current thread: