Interesting new dns failures
Edward Lewis
Ed.Lewis at neustar.biz
Mon May 21 21:09:55 UTC 2007
At 3:50 PM -0500 5/21/07, Gadi Evron wrote:
>As to NS fastflux, I think you are right. But it may also be an issue of
>policy. Is there a reason today to allow any domain to change NSs
>constantly?
Although I rarely find analogies useful when trying to explain
something, I want to use one now to see if I understand this.
Let's say you rob convenience stores as a career choice. Once your
deed is done, you need to get away fast. So moving fast is a real
help to criminals. Since moving fast is rarely helpful for decent
folk, maybe we should just slow every one down - this certainly would
make it easier for law enforcement to catch the criminals.
If the above is not an accurate analogy to the NS fastflux issue, I'd
like to know what the deviations are. I don't doubt there are any,
but from what little I've gathered, the problem isn't the NS fastflux
but the activity that it hides - if it is indeed hiding activity. As
in, not every one speeding around town is running from the law.
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis +1-571-434-5468
NeuStar
Sarcasm doesn't scale.
More information about the NANOG
mailing list