On Wed, Nov 26, 2014 at 4:10 PM, Joe Abley <jab...@hopcount.ca> wrote: > > On 26 Nov 2014, at 14:06, Warren Kumari <war...@kumari.net> wrote: > >> What's wrong with 127.0.0.1? It makes it clear what the intent is, and >> you don't get a much more distributed sinkhole than that... > > I'm always wary of using 127.0.0.1 for anything that doesn't really mean "you > should talk to yourself". Without a comprehensive knowledge of the impact, > you don't know what you're blowing up. > >> If there really is a use case, let's try and get a block allocated, >> and encourage folk to anycast -> null0 for this. > > https://github.com/ableyjoe/draft-jabley-well-known-sinkhole
This thingie has many aspects that look a bunch like AS112 -- I'm wondering if it makes sense to also request an AS number for this. It's not strictly needed, but having fewer inconsistent origin routes is always nice. It also seems that (also like AS112), networks could do this in one of (at least) 3 ways: 1: They can spin up this route purely within their own network -- basically have one or more places where the route points at null0 / discard and *not announce it to peers / customers* or 2: announce to customers only or 3: be good citizens and announce it to everyone. 1 and 2 already exist, for RTBH (like you mention in the doc), they are just not anycasted. I wonder if we ask the IANA nicely if they'd assign 666.666.666.0/24 to.. oh, bugger.... The more people who do this, the more benefit there is - unfortunately this argument often doesn't work on the Internets, but still worth trying... > > Needs text. Not submitted. Co-authors welcome. I'm making some edits, will send a pull request in a bit. Specifically the guidance to network operators section, and I'll take an initial stab at a privacy considerations bit. I'm guessing that we are going to have somewhat of a fun time with the privacy / security implications bits. It won't be long till someone hits upon the idea of standing up a listener / server on one of these addresses. One would hope that the traffic that would arrive at a global sinkhole would be "safe", but seeing as some of the uses for this would be to sink bad stuff, someone will want to measure how much "bad stuff" domain or malware XXX is generating - this will require looking at the bad stuff to disambiguate "this" bad stuff from "that" bad stuff, and now you have a bit of a mess... Perhaps this actually turns out to be a dangerous idea..... W > > > Joe -- I don't think the execution is relevant when it was obviously a bad idea in the first place. This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants. ---maf _______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
