misunderstanding scale

John Levine johnl at iecc.com
Wed Mar 26 17:10:10 UTC 2014


>It only takes a single entry if you do not store /128s but that /64. Yes,
>RBL lookups do not currently know how to handle this, but there are a
>couple of good proposals around on how to do it.

Sigh.  See previous note on wny aggregating on /64 won't work.

>This would also reduce the risks from cache depletion attacks via DNSxL
>lookups to IPv4 levels.

Sigh.  See previous note on wny aggregating on /64 won't work.

R's,
John




More information about the NANOG mailing list