What DNS Is Not

David Conrad drc at virtualized.org
Thu Nov 26 15:37:56 UTC 2009


On Nov 25, 2009, at 4:41 PM, Dan White wrote:
> On 25/11/09 14:17 -0800, David Conrad wrote:
>> On Nov 25, 2009, at 1:22 PM, Dan White wrote:
>>> Contact ICANN/IANA and plead with them to stop assigning any more resources
>>> to said ISP.
>> ICANN/IANA doesn't assign resources to ISPs.
> Indirectly they're responsible for assignment of IP address,

In the sense that they allocate /8s (and, in IPv6, /12s) to the RIRs, sure.  I'm just guessing but I don't think the RIRs would be very happy if ICANN/IANA were to refuse to allocate a /8 (or a /12) to an RIR because one of the RIRs' customers was hijacking NXDOMAINs.

> enterprise numbers,

Actually, ICANN/IANA assigns these directly (see http://pen.iana.org), but I suspect the folks in the IETF would get a bit distressed if ICANN/IANA started imposing restrictions on who could get PENs.

> domain names

ICANN/IANA is directly responsible for (and has contractual relationships with folks who operate) gTLDs and has, to the distress of some folks on this list, imposed restrictions on wildcards/synthesis/etc.  ICANN/IANA discourages wildcards/synthesis/etc for ccTLDs, but the operation of a ccTLD is considered a national sovereignty issue and thus, ICANN/IANA has no way to do anything other than point out the problems wildcards/synthesis/etc. can lead to.  As I write this, there are 11 ccTLDs that do wildcards/synthesis/etc. and there will undoubtedly be more in the future. ICANN/IANA has no interaction with, much less control, over ISPs.

> My point was there isn't really an authority to enforce rules on ISPs when
> it comes to how they manage their DNS servers.


> Government and IANA won't be interested in fielding such complaints.

Government might -- politicians like to be seen solving problems, even if they haven't the slightest idea what the problem is, whether it actually is a problem, or how to go about fixing it.

With the exception of the gTLDs, ICANN/IANA simply can't -- it has no mechanism to do anything other than wag its finger.

> Shining a flash light on the problem publicly is going to be the best best.

There are folks on this list who work for ISPs which are doing wildcards/synthesis/etc.  They (or, more likely their management) can tell you there are obvious business reasons why they do wildcards/synthesis/etc.  Perhaps I'm overly cynical, but I suspect that until those business reasons go away, shining a flash light will probably just result in more ISPs implementing wildcards/synthesis/etc. 


More information about the NANOG mailing list