[dns-operations] Reported DNS DDoS in China
Paul Vixie
paul at vix.com
Wed Sep 27 05:08:51 UTC 2006
> > Xinnet itself lists four servers on one 23-bit CIDR subnet.
> > Doesn't this seem unusual, short sighted, for a large provider of
> > DNS services?
>
> Depends on how many machines are behind those four address on the /
> 23. Could be multiple POPs and multiple machines and a whole mix if
> fun in-between. :-)
if it's a /23 and there are no subnets of that in BGP, then it's not
multiple POPs even if it's multiple physical locations. anyone can
build a nameserver a hundred feet tall and feed it with its own nuke
power reactor, but the only way to manage the risk of OPNs(*) is to
multi-locate AND multi-home.
(*) OPN = Other People's Networks
More information about the dns-operations
mailing list