DOS attack against DNS?

• Previous message (by thread): DOS attack against DNS?
• Next message (by thread): DOS attack against DNS?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

joelja at darkwing.uoregon.edu (Joel Jaeggli) writes:

> > people inside one of the largest networks have told me that they have
> > customers who require the ability to bypass BCP38 restrictions, and that
> > they will therefore never be fully BCP38 compliant.  ...
> 
> Consider people in the rest of the world who may purchase simplex 
> satellite links. By definition they inject traffic in places they aren't 
> announcing their route from.

yup, those are exactly the customers i was told about.  (see above.)  however,
there's still a way to filter-list the various interfaces -- it's just harder
than letting the routing table imply your filter-list for you.  also however,
if these were the only customers who weren't made to follow BCP38, there would
not be a global BCP38-related problem right now.  or, as i said before:

> > i've asked for BCP38 to become the default on all their other present
> > and future customers ...
-- 
Paul Vixie

• Previous message (by thread): DOS attack against DNS?
• Next message (by thread): DOS attack against DNS?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]