[dns-operations] Looking for a public blackhole/sinkhole IP address

Joe Abley jabley at hopcount.ca
Wed Nov 26 22:36:59 UTC 2014

On 26 Nov 2014, at 17:05, Florian Lohoff <f at zz.de> wrote:

> On Wed, Nov 26, 2014 at 04:10:07PM -0500, Joe Abley wrote:
>> On 26 Nov 2014, at 14:06, Warren Kumari <warren at kumari.net> wrote:
>>> What's wrong with It makes it clear what the intent is, and
>>> you don't get a much more distributed sinkhole than that...
>> I'm always wary of using for anything that doesn't really mean "you
>> should talk to yourself". Without a comprehensive knowledge of the impact,
>> you don't know what you're blowing up.
>>> If there really is a use case, let's try and get a block allocated,
>>> and encourage folk to anycast -> null0 for this.
>> https://github.com/ableyjoe/draft-jabley-well-known-sinkhole
>> Needs text. Not submitted. Co-authors welcome.
> Would it make sense to also mention an probably seperate address which should
> generate host unreachables? This should most likely be rate limited
> and probably tcp only or something.

My mental picture of a sinkhole is a hole into which things can be thrown without fear that they will come back out. What you're talking about sounds more like a volcano, which I would feel less happy standing next to with my bags of garbage. :-)

> For certain scenarios a quick "nothing here" could be useful
> E.g. sending smtp backscatter to a sink-hole or botnet command
> and control server.

Can you explain in more detail? I don't think I'm getting it.

If an end-user does something that triggers a packet to be sinkholed, who benefits if the sinkhole sources a packet back? This sounds like something that could be used to coordinate anonymous sinkhole backscatter towards arbitrary victims.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 203 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20141126/281e5bd7/attachment.sig>

More information about the dns-operations mailing list