[dns-operations] EDNS and TLDs
paul at redbarn.org
Thu Nov 17 02:20:11 UTC 2016
Matthew Pounsett wrote:
> On 17 November 2016 at 04:26, Albert Braden <abraden at about.com
> <mailto:abraden at about.com>> wrote:
> When my employer hosted house.com <http://house.com>, we stopped the
> barrage of updates by setting the SOA to 127.0.0.1. YMMV
> There is a large-ish TLD which has "." as the MNAME in its
> infrastructure zones (not the TLD itself). Since are no address records
> for that label it is a quick and painless way to completely prevent
> UPDATE messages form ever being sent in the first place.
yes, and we can see the resulting A and AAAA queries for "." in root
server query logs. i would very much prefer that you set your SOA MNAME
to prisoner.iana.org if you want updates to go where they'll do no harm.
More information about the dns-operations