nanog mailing list archives
RE: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked?
From: <michael.dillon () bt com>
Date: Thu, 24 Jul 2008 14:57:59 +0100
So, look at other options: * Widen the query space by using multiple IP addresses as source. This, of course, has all the problems with NAT gw's that the port solution did, except worse. This makes using your ISP's "properly designed" resolver even more attractive, rather than running a local recurser on your company's /28 of public IP space, but has the unintended consequence of making those ISP recursers even more valuable targets. Makes you wish for wide deployment of IPv6, eh.
The only real fix I see is to deploy DNSSEC.
You seem to be saying, above, that IPv6 is also a real fix, presumably because it allows for the 64-bit host id portion of an IP address to "fast flux". Or have I misunderstood? It would be nice for someone to explain how (or if) IPv6 changes this situation since many networks are already well into the planning stages for IPv6 deployment within the next two to three years. --Michael Dillon
Current thread:
- re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked? Paul Vixie (Jul 23)
- Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked? Joe Greco (Jul 24)
- RE: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked? michael.dillon (Jul 24)
- Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked? Joe Greco (Jul 24)
- Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked? Paul Vixie (Jul 24)
- Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked? Steve Tornio (Jul 24)
- Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked? Duane Wessels (Jul 24)
- Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked? Steve Tornio (Jul 24)
- Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked? Ken A (Jul 24)
- RE: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked? Scott Berkman (Jul 24)
- RE: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked? Justin M. Streiner (Jul 24)
- Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked? Nathan Ward (Jul 25)
- Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked? Jay R. Ashworth (Jul 25)
- RE: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked? michael.dillon (Jul 24)
- Re: Paul Vixie: Re: [dns-operations] DNS issue accidentally leaked? Joe Greco (Jul 24)