[dns-operations] Reducing AS112 traffic
paul at vix.com
Mon Nov 19 14:54:52 UTC 2007
> For an enclave to reduce AS112 traffic, the should:
> (1) Create in-addr.arpa zones for private address space as per
> mamakos at cert.org
> (2) Configure a local [private] AS112 node as discussed
> (3) Block traffic to 22.214.171.124/24, but only do this if you've
> already done (1) or (2) and you're sure you won't impact operations.
i don't think (3) is right. when we started AS112 we could have assigned
these zones to servers in private address space, or to servernames like "."
or addresses like 0.0.0.0 or 127.0.0.1. we chose a real netblock because
we wanted this to be a real service. if an enclave can't do (1) or (2)
then i think i'd prefer to be able to measure their traffic as part of
this "whole internet" thing. also, a recommendation such as (3) creates a
new kind of private address space, which really should be beyond our powers.
More information about the dns-operations