An update on the AfriNIC situation

Sabri Berisha sabri at
Mon Aug 30 21:19:37 UTC 2021

----- On Aug 30, 2021, at 12:37 PM, Rubens Kuhl rubensk at wrote:


>> I've ran an RBL for years, which many people used. It closed down more than
>> a decade ago. Out of 100 DNS queries I logged just now with a quick tcpdump
>> on one of my three DNS servers, I counted 51 for That's
>> why I'm advocating to reconsider your carpet-bombing (filter into oblivion)
>> recommendation. People don't remove them.
> I understand the risk, but when choosing between that risk and the
> systemic risk for the RIR system, the choice for me is very clear.
> Kinda like removing a malignant tumor.

While I disagree with it, I do understand your point of view.

I'm a proponent of "your network, your rules". But, if you would choose
to filter the netblocks associated with this case, I would recommend that
you filter them in BGP and not ACL them into oblivion. That way your customers
won't be impacted (I have been on the customer end of something like this).



More information about the NANOG mailing list