RE: Top AS Offenders causing RFC-1918 DNS traffic

["Sameer R. Manek" <manek () ecst csuchico edu>]

It would not surprise me that pacbell/swbell aka SBC and Time
Warner/Roadrunner are among the biggest offenders here. A significant
portion of their customers are DSL/cable mode subscribers.

Since Win2k and I assume XP both attempt to perform dynamic dns updates,
hosts behind NAT, windows will happily send the update requests up the dns
tree as far as it can. When @Home was around, the primary name servers for
home.com used to see update attempts constantly.

Paul Vixie has posted in here statistics about the root levels getting
hammered by such update attempts in the past.

Any technical solution performed at the network level would be a bubble gum
and duct tape attempt to fix what was poorly engineered at the software
level. Since it's unlikely Microsoft will issue some sort of fix to the
problem.

Perhaps IANA should set the name servers to an address within each
particular block, that would at least keep the traffic local to the
organization, and not hammer larger internet infrastructure name servers.

Sameer


> -----Original Message-----
> From: owner-nanog () merit edu [mailto:owner-nanog () merit edu]On Behalf Of
> Peter Salus
> Sent: Saturday, September 14, 2002 2:54 PM
> To: John M. Brown
> Cc: nanog () merit edu; peter () matrix net
> Subject: Re: Top AS Offenders causing RFC-1918 DNS traffic
>
>
>
>
> It seems to me that some folks may not realize who owns
> John Brown's 5 AS villains.
>
> 4134 is Chinanet
> 3352 is Ibernet
> 7132 is Southwestern Bell
>
> and
>
> 5673 )
> 5676 ) are both SBC
>
> As Southwestern Bell is a part of SBC, it looks like
> SBC is a major villain where RFC-1918 DNS traffic is
> concerned.
>
> Peter