[dns-operations] Reported DNS DDoS in China

Paul Vixie paul at vix.com
Wed Sep 27 05:08:51 UTC 2006

> >  Xinnet itself lists four servers on one 23-bit CIDR subnet.   
> > Doesn't this seem unusual, short sighted, for a large provider of  
> > DNS services?
> Depends on how many machines are behind those four address on the / 
> 23.  Could be multiple POPs and multiple machines and a whole mix if  
> fun in-between. :-)

if it's a /23 and there are no subnets of that in BGP, then it's not
multiple POPs even if it's multiple physical locations.  anyone can
build a nameserver a hundred feet tall and feed it with its own nuke
power reactor, but the only way to manage the risk of OPNs(*) is to
multi-locate AND multi-home.

(*) OPN = Other People's Networks

More information about the dns-operations mailing list