Interesting new dns failures

Edward Lewis Ed.Lewis at
Mon May 21 21:09:55 UTC 2007

At 3:50 PM -0500 5/21/07, Gadi Evron wrote:

>As to NS fastflux, I think you are right. But it may also be an issue of
>policy. Is there a reason today to allow any domain to change NSs

Although I rarely find analogies useful when trying to explain 
something, I want to use one now to see if I understand this.

Let's say you rob convenience stores as a career choice.  Once your 
deed is done, you need to get away fast.  So moving fast is a real 
help to criminals.  Since moving fast is rarely helpful for decent 
folk, maybe we should just slow every one down - this certainly would 
make it easier for law enforcement to catch the criminals.

If the above is not an accurate analogy to the NS fastflux issue, I'd 
like to know what the deviations are.  I don't doubt there are any, 
but from what little I've gathered, the problem isn't the NS fastflux 
but the activity that it hides - if it is indeed hiding activity.  As 
in, not every one speeding around town is running from the law.
Edward Lewis                                                +1-571-434-5468

Sarcasm doesn't scale.

More information about the NANOG mailing list