[dns-operations] Looking for a public blackhole/sinkhole IP address

Jared Mauch jared at puck.nether.net
Thu Nov 27 00:45:45 UTC 2014 

If someone wanted to dispose of that volume of requests they could get assistance if they asked the right people. 

Jared Mauch

> On Nov 26, 2014, at 7:12 PM, Robert Edmonds <edmonds at mycre.ws> wrote:
> 
> Warren Kumari wrote:
>> This thingie has many aspects that look a bunch like AS112 -- I'm
>> wondering if it makes sense to also request an AS number for this.
>> It's not strictly needed, but having fewer inconsistent origin routes
>> is always nice.
>> 
>> It also seems that (also like AS112), networks could do this in one of
>> (at least) 3 ways:
>> 1: They can spin up this route purely within their own network  --
>> basically have one or more places where the route points at null0 /
>> discard and *not announce it to peers / customers* or
>> 2: announce to customers only or
>> 3: be good citizens and announce it to everyone.
>> 
>> 1 and 2 already exist, for RTBH (like you mention in the doc), they
>> are just not anycasted. I wonder if we ask the IANA nicely if they'd
>> assign 666.666.666.0/24 to.. oh, bugger....
>> 
>> The more people who do this, the more benefit there is - unfortunately
>> this argument often doesn't work on the Internets, but still worth
>> trying...
> 
> If one is trying to dispose of "250 million DNS requests per second" [0]
> or "> 1Mr/s (mega-requests per second)" [1], then you probably *don't*
> want the traffic to be routed to whoever happens to have announced it,
> or anywhere, really.  That seems to be a much different use case (drop
> the traffic as quickly and universally as possible, minimizing
> collateral damage) from routing the traffic to something like a
> community sinkhole.
> 
> [0] http://www.forbes.com/sites/parmyolson/2014/11/20/the-largest-cyber-attack-in-history-has-been-hitting-hong-kong-sites/
> 
> [1] https://la51.icann.org/en/schedule/mon-tech/presentation-dafa888-dos-attack-13oct14-en.pdf
> 
> -- 
> Robert Edmonds
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs

More information about the dns-operations mailing list