[dns-operations] DNS deluge for x.p.ctrc.cc

Paul Vixie paul at vix.com
Mon Feb 27 15:07:19 UTC 2006

# > it's not about capex, it's about opex.  the act of turning on BCP38-like
# > features, training staff in how to manage and operate this feature set,
# > finding out what customers are doing 3TCP or satellite-asymmetry and who
# > therefore actually need to "spoof" the source addresses but who can likely
# > be trusted to do so, is considered completely unrealistic by large ISP's.
# So, instead of trying to repair a few thousand relatively-easily-
# identifiable networks, it's going to be easier to try to repair a
# million(??? wild guess) open recursers running on everything from major
# networks (, etc), down to some guy's Mac OS X laptop, down to
# the broken proxy on a cable modem which mistakenly accepts requests on the
# outside interface?

that assumes a symmetric cost:benefit, which isn't present here, and assumes
that they will in fact exert any energy to fix the laptop in question, which
they will not.

# What's a good incentive for cable and DSL providers to go BCP38?

what they've told me when i complain, if they bother to reply to me at all,
is that until their competitors are forced to endure the same assymetric
costs for the same assymetric benefit, they will do nothing.  in other words
they are clamouring for regulation.

shunning their networks or refusing to peer with them isn't an option, since
the worst of them are the largest.

More information about the dns-operations mailing list