[dns-operations] Looking for a public blackhole/sinkhole IP address

Paul Vixie paul at redbarn.org
Thu Nov 27 02:52:25 UTC 2014

> Robert Edmonds <mailto:edmonds at mycre.ws>
> Wednesday, November 26, 2014 4:59 PM
> What about specifying *no* nameservers? That is, delegating the domain
> name to a nonexistent nameserver name within an intentionally empty
> sacrificial zone with a lengthy negative TTL.

experience and observation say that even with a lengthy negative ttl,
there will be an awful lot of queries sent to the closest enclosing NS
RRset for that nameserver name. there would also be a large volume of
syslog traffic worldwide concerning this misconfiguration.

something like AS112 would be best -- a real address that can be sunk or
dunked by anyone.

Paul Vixie
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20141126/c0a5b436/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: compose-unknown-contact.jpg
Type: image/jpeg
Size: 770 bytes
Desc: not available
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20141126/c0a5b436/attachment.jpg>

More information about the dns-operations mailing list