[NOC] ARIN contact needed: something bad happens with legacy IPv4 block's reverse delegations
Jared Mauch
jared at puck.Nether.net
Fri Mar 17 17:17:56 UTC 2017
On Fri, Mar 17, 2017 at 05:42:11PM +0100, Bjørn Mork wrote:
> William Herrin <bill at herrin.us> writes:
> > On Fri, Mar 17, 2017 at 7:52 AM, Romeo Zwart <rz+nng at zwart.com> wrote:
> >> RIPE NCC have issued a statement about the issue here:
> >>
> >> https://www.ripe.net/ripe/mail/archives/dns-wg/2017-March/003394.html
> >>
> >> Our apologies for the inconvenience caused.
> >
> > Hmm. That sounds like an ARIN-side bug too. ARIN's code responded to
> > corrupted data by zeroing out the data instead of using the last known good
> > data. That's awfully brittle for such a critical service.
>
> Well, it was a nice smoke test of the "RDNS required" anti-feature. All
> of a sudden we couldn't even send email to ourselves, having smarthosts
> in one of the affected zones. Nice.
>
> Maybe time to re-evaluate the usefulness of that config...
or proper whitelisting of your own infrastructure :-)
- Jared
--
Jared Mauch | pgp key available via finger from jared at puck.nether.net
clue++; | http://puck.nether.net/~jared/ My statements are only mine.
More information about the NANOG
mailing list