[NOC] ARIN contact needed: something bad happens with legacy IPv4 block's reverse delegations

Jared Mauch jared at puck.Nether.net
Fri Mar 17 17:17:56 UTC 2017

On Fri, Mar 17, 2017 at 05:42:11PM +0100, Bjørn Mork wrote:
> William Herrin <bill at herrin.us> writes:
> > On Fri, Mar 17, 2017 at 7:52 AM, Romeo Zwart <rz+nng at zwart.com> wrote:
> >> RIPE NCC have issued a statement about the issue here:
> >>
> >>  https://www.ripe.net/ripe/mail/archives/dns-wg/2017-March/003394.html
> >>
> >> Our apologies for the inconvenience caused.
> >
> > Hmm. That sounds like an ARIN-side bug too. ARIN's code responded to
> > corrupted data by zeroing out the data instead of using the last known good
> > data. That's awfully brittle for such a critical service.
> Well, it was a nice smoke test of the "RDNS required" anti-feature.  All
> of a sudden we couldn't even send email to ourselves, having smarthosts
> in one of the affected zones. Nice.
> Maybe time to re-evaluate the usefulness of that config...

	or proper whitelisting of your own infrastructure :-)

	- Jared

Jared Mauch  | pgp key available via finger from jared at puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.

More information about the NANOG mailing list