[dns-operations] Reducing AS112 traffic

Sidney Faber sfaber at cert.org
Mon Nov 19 13:28:03 UTC 2007

In an effort to bring this thread to a graceful close, I'd like to

For an enclave to reduce AS112 traffic, the should:
(1)  Create in-addr.arpa zones for private address space as per
mamakos at cert.org
(2)  Configure a local [private] AS112 node as discussed
(3)  Block traffic to, but only do this if you've
already done (1) or (2) and you're sure you won't impact operations.

I know there's nothing new here, and it's exactly what was out there
before I started asking the questions.  But I've seen a few additional
recommendations in various places, and I've also tried to anticipate
things sysadmins might think up on their own as possible remedies.  Now
I have rebuttals for them.

Thanks for letting me challenge you with some off-the-wall ideas, and
for providing observations both on and off the list.


Sid Faber, Member of the Technical Staff
Software Engineering Institute
Carnegie Mellon University
sfaber at cert.org

More information about the dns-operations mailing list