Interesting new dns failures

Crist Clark Crist.Clark at
Tue May 22 17:18:10 UTC 2007

>>> On 5/21/2007 at 2:09 PM, Edward Lewis <Ed.Lewis at> wrote:

> At 3:50 PM -0500 5/21/07, Gadi Evron wrote:
>>As to NS fastflux, I think you are right. But it may also be an issue
>>policy. Is there a reason today to allow any domain to change NSs
> Although I rarely find analogies useful when trying to explain 
> something, I want to use one now to see if I understand this.
> Let's say you rob convenience stores as a career choice.  Once your 
> deed is done, you need to get away fast.  So moving fast is a real 
> help to criminals.  Since moving fast is rarely helpful for decent 
> folk, maybe we should just slow every one down - this certainly would

> make it easier for law enforcement to catch the criminals.

There are these things called speed limits on all[0] public
streets (in the USA, at least). Also things like stop signs
and traffic lights. People exceeding the limit and driving
recklessly can and regularly are stopped by police. When
such drivers attempt to evade police, they are chased, even
though it is dangerous to the police, bystanders, and the
people being pursued, because there is a good chance that
they are running because they've done something else, something

So, yeah. We do have speed limits. And suspicion of nefarious
activity is put on anyone who grossly exceeds them.

> If the above is not an accurate analogy to the NS fastflux issue, I'd

> like to know what the deviations are.  I don't doubt there are any, 
> but from what little I've gathered, the problem isn't the NS fastflux

> but the activity that it hides - if it is indeed hiding activity.  As

> in, not every one speeding around town is running from the law.

No, but it's still prohibited.

But yeah, it's just an analogy. And like many, you can bend
it to support either side.

[0] Last I knew, the experiments with speed-limitless
roads after the drop of the federal 55 mph limit had all
gone back to some arbitrary limits. Even Montana.

B¼information contained in this e-mail message is confidential, intended
only for the use of the individual or entity named above. If the reader
of this e-mail is not the intended recipient, or the employee or agent
responsible to deliver it to the intended recipient, you are hereby
notified that any review, dissemination, distribution or copying of this
communication is strictly prohibited. If you have received this e-mail
in error, please contact postmaster at 

More information about the NANOG mailing list