I don't think the WG should address this as proposed, because AS112 is unnecessary: A delegation of "local" address space to IP Address 127.0.0.1 makes all problems go away. So, there is no need to have AS112. Second, AS112 Approach does not offer any pro-active correction to the problem of misconfiguration, which is the source of the traffic AS112 hopes to "sink".
There is a better approach. The better approach is for the WG to recommend to the in-addr.arpa maintainer to put in delegations for 168.192.in-addr.arpa et al to be delegated to 127.0.0.1. These delegation records should have the maximum TTL. This approach has two beneficial effects that AS112 doesn't offer: 1) The nameserver operator with the misconfigured nameserver will begin getting "recursion to self" errors, which will prompt corrective action. 2) The delegation records will be cached on the local nameserver, reducing unnecessary traffic from the misconfigured nameserver. Dean Anderson Av8 Internet, Inc On Mon, 18 Sep 2006, Peter Koch wrote: > Dear working group, > > an excerpt of IETF 66's minutes shows: > > Presentation by Joe Abley covers > - draft-jabley-as112-being-attacked-help-help-00.txt > - draft-jabley-as112-ops-00.txt > > - Related work: draft-ietf-dnsop-default-local-zones > - Contains many more zones than AS 112 > - No current good process for adding new zones to AS 112 > - No process for new transports for AS 112, e.g. adding IPv6 > - Adoption by WG? > > Of the people in the room ~10 are involved in running AS 112 instances > and ~40 have read the AS112 drafts. > > Subject of further discussion was what the WG was expected to do given > that > the documents seemed almost ready. The authors felt that the dnsop wg > was the broadest forum (compared to NANOG, RIPE, ...) and also the best > approximation of AS112 operators. Also, Joe felt suggested that AS112 > was IANA sponsored central infrastructure. > > Target status of these documents would be "Informational", including an > IETF Last Call. > > This is a request to the WG to express an opinion on adopting the > different AS112 related work items as a new "AS112 basket", pending AD > approval, i.e. adding AS112 related issues to our charter, currently > consisting of the following tasks > > 0) draft-ietf-dnsop-default-local-zones > > This Draft is in post-WGLC phase already > > 1) draft-jabley-as112-being-attacked-help-help-00.txt > "I'm Being Attacked by PRISONER.IANA.ORG" > > This draft may serve as an Informational RFC, potentially in the FYI > subseries (see FYI 1/RFC 1150). > > 2) draft-jabley-as112-ops-00.txt > AS112 Nameserver Operations > > This draft would cover operation of name servers particpating in the AS112 > project, aiming at Informational status (likely with IETF wide Last Call) > > 3) [no draft available yet] > "Updating the zones/transports covered by AS112 servers" > > This new work item would deal with defining a mechanism to control the > set of zones covered by project AS112 servers, including new transports > like IPv6. > > If you have an opinion whether the dnsop WG should address the overall > issue of project AS112 <http://public.as112.net/> operations, please > state it on the wg mailing list with some reasoning. Please also indicate > whether you'd like to volunteer as a reviewer for one or more of the > mentioned Internet-Drafts (1-3). This is not a Last Call on drafts (1) and > (2), > so I'd like to ask that a discussion of specific text portions or pros and > cons > be postponed until a decision regarding the general direction has been made. > > The authors have offered (1) and (2) for adoption as WG items. Draft (3) > would have to be specified and would need editors and reviewers as well. > Again, this is to be seen in the general context of rechartering the WG > and will need AD approval. > > Thanks, > Peter > . > dnsop resources:_____________________________________________________ > web user interface: http://darkwing.uoregon.edu/~llynch/dnsop.html > mhonarc archive: http://darkwing.uoregon.edu/~llynch/dnsop/index.html > > -- Av8 Internet Prepared to pay a premium for better service? www.av8.net faster, more reliable, better service 617 344 9000 . dnsop resources:_____________________________________________________ web user interface: http://darkwing.uoregon.edu/~llynch/dnsop.html mhonarc archive: http://darkwing.uoregon.edu/~llynch/dnsop/index.html
