I'm reacting because I see a case of someone observing symptoms, presenting eye-catchy colorful pictures and then running hard into the land of diagnosis.
On 5/27/15, 7:10, "Mark Andrews" <ma...@isc.org> wrote: >For others is is scrubbing / DoS services which are blocking EDNS(1) >queries. This sounds like there might be a need to analyze a trade-off. Taking the leap of faith that the dropping EDNS(1) figures is caused by DDoS scrubbing services, the question is "why?" Is EDNS(1) and DDoS scrubbing incompatible? I will offer that, from what I've seen, DDoS scrubbing seems to offer value to the Internet. I.e., I don't think that it's not simply going to go away. (I'm remaining neutral on the question of value-for-money, in the sense that's not the topic here.) I seriously doubt that DDoS scrubbing services will go away because they interrupt EDNS(1) adoption. Perhaps there isn't a conflict, it is just that the testing is throwing packets into a hole and declaring failure. Perhaps the lost EDNS(1) traffic ought to be explained away as part of the flotsam that is DDoS traffic. I'm just skeptical that a technology or mechanism will see lowered adoption over time - if it is a good idea. I understand falling adoption during the phase out/retirement/etc. You point out the new TLD operators - but it's dropping across the board (except for the bottom 1000, which might be related to those cellar-dwellers not being subject to DDoS load, hence no scrubbing). I would have expected to see a chart showing over increase in adoption with perhaps a sector that is failing and needing attention. I don't see that in the chart.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ dns-operations mailing list dns-operations@lists.dns-oarc.net https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
