Randy Bush randy at
Fri Dec 28 18:21:18 UTC 2001

>> attacks?  you mean when they shot themselves in the 2182 foot?
> I'm not aware of the exact reasons for their problems.

someone misconfigured a router so dns could not serve from behind it.
this is life, stuff happens.  but they had ALL the servers for their
domain behind that ONE router, despite massive net lore and a bcp not
to do so.  so the entire domain and a number of other pieces were
unreachable for a long time.  yucchhy.

the reason i belabor this here is not to abuse this particular foot
shooter, but rather to emphasize yet again, diversify your dns servers
*widely*, physically and topologically.  see rfc 2182.


More information about the NANOG mailing list