Drew Weaver drew.weaver at thenap.com
Fri Jun 27 13:36:30 UTC 2008

        Hello everyone, this is possibly off-topic here, not entirely sure.

        I'm kind of confused about some of uceprotect's policies, they seem to require every IP address to have reverse DNS with matching forwards (which works fine for a wireless/broadband/dial-up ISP, but not so much for a hosting company/datacenter). They seem to penalize companies who have many small allocations from ARIN/whomever while rewarding companies who have huge swaths of IP addresses in single chunks. They don't seem to understand that in a datacenter a single machine running virtuozzo/vmware can have any number of IPs assigned to it and that not everything can be so tightly scripted/controlled. They currently take issue with 106 out of almost 54,000 IP addresses and our AS appears to be listed in their list. That seems extreme to me. My question is, has anyone had a problem with uceprotect.net's system and then been able to satisfy their requirements on an ongoing basis? We'll obviously do whatever it takes because we really have no choice. We've found ISPs with over 100,000 IPs using their list(s) so obviously it has an impact.

        Off-list is fine, sorry to bother anyone if this is off-topic.

Thanks for your time.

More information about the NANOG mailing list