On Sun, Jun 04, 2023 at 01:19:18PM -0700, William Herrin wrote:
> Perhaps you missed my subsequent message where I pointed out that the
I did not.
> IP address is hard-coded in Bind which will use it by default unless
> configured not to.
It is not "hard coded." It is a default configuration.
doug madory is asking me for a cite for the exciting 1997/8 128/9 bgp
event. my memory as reported to doug is
soon after the 7007 incident, an engineer in a UUNET lab, not
realizing they were connected to the real internet, used the hidden
bgp test command to generate 128/9 chopped in
On 07/06/2023 04:13, Jason Canady wrote:
Using this on the interface of each switch:
ospfv3 1 bfd
ospfv3 1 ipv6 area 0
ospfv3 1 ipv6 bfd
bfd interval 500 min_rx 500 multiplier 40
#show bfd neighbors details
IPv6 Sessions
NeighAddr LD/RD RH/RS State
On Wed, Jun 07, 2023 at 09:30:36AM -0700, William Herrin wrote:
> Data embedded in the binary is hard-coded. That's what hard-coded
> means. If it makes you happier I'll qualify it as a "hard-coded
> default," to differentiate it from settings the operator can't
> override with configuration.
No.
On 6/7/23 15:13, Izaac wrote:
On Wed, Jun 07, 2023 at 09:30:36AM -0700, William Herrin wrote:
Data embedded in the binary is hard-coded. That's what hard-coded
means. If it makes you happier I'll qualify it as a "hard-coded
default," to differentiate it from settings the operator can't
override
On Wed, Jun 07, 2023 at 03:46:39PM -0400, Michael Butler wrote:
> > No. I will not indulge your invention of terms. "Hard-coded" means you
> > need to recompile to change it. This is a default value. A
> > configuration option takes precedence.
>
> BIND-9.18.14 requires recompilation to update
On Wed, Jun 07, 2023 at 01:52:45PM -0700, William Herrin wrote:
> [stuff]
Put it in your CVE.
--
. ___ ___ . . ___
. \/ |\ |\ \
. _\_ /__ |-\ |-\ \__
On Wed, Jun 07, 2023 at 02:45:05PM -0700, William Herrin wrote:
> [more stuff]
I've unpacked what a vulnerability is and is not for you.
I've unpacked how you can't be violating confidentiality in a protocol
which doesn't guarantee confidentiality for you.
I've unpacked how abusing the vulnerabili
Hi Robert,
If the goal is increased robustness by having addresses present from a
different RIR,
wouldn't it make this whole tempest in a teapot moot if, instead of
*reunubering*, you
simply *added* a second set of IPs, but continued to answer queries on the
original
addresses as well?
Is there a
On Thu, 8 Jun 2023 at 02:15, Randy Bush wrote:
> doug madory is asking me for a cite for the exciting 1997/8 128/9 bgp
> event. my memory as reported to doug is
>
> soon after the 7007 incident, an engineer in a UUNET lab, not
> realizing they were connected to the real internet, used th
thanks aftab
i remember a bit more. the hidden command was there to help debug CEF,
which was new at the time. the CEFlapods wanted a large blob of
prefixes to push the FIB. it kinda pushed the operational FIBs a bit
too far :)
randy
On 6/7/23 10:13 PM, Aftab Siddiqui wrote:
I definitely read a detailed research paper about that incident long ago
but can't find any link with any search keywords. But here is the NANOG
archive.
https://archive.nanog.org/mailinglist/mailarchives/old_archive/1997-10/msg00095.html
https://archive
On 6/8/23 04:16, Randy Bush wrote:
thanks aftab
i remember a bit more. the hidden command was there to help debug CEF,
which was new at the time. the CEFlapods wanted a large blob of
prefixes to push the FIB. it kinda pushed the operational FIBs a bit
too far :)
Was this in lieu of flow
Mark Andrews wrote:
It announces itself to an address which remains under the control of
USC/ISI the current and on going root server operator for b.root-servers.net.
So apart from leaking that the root hints have not been updated I don’t
see a big risk here. The address block, as has been stat
14 matches
Mail list logo
