On 17 Mar 2017, at 12:26 PM, William Herrin <b...@herrin.us<mailto:b...@herrin.us>> wrote:
On Fri, Mar 17, 2017 at 7:52 AM, Romeo Zwart <rz+...@zwart.com<mailto:rz%2b...@zwart.com>> wrote: > RIPE NCC have issued a statement about the issue here: > > https://www.ripe.net/ripe/mail/archives/dns-wg/2017-March/003394.html > > Our apologies for the inconvenience caused. Hmm. That sounds like an ARIN-side bug too. ARIN's code responded to corrupted data by zeroing out the data instead of using the last known good data. That's awfully brittle for such a critical service. Agreed in principle - receiving incorrect data (improperly formatted, corrupted, or not properly signed) should result in appropriate notice and no change to the running system. This is actually the case with ARIN’s systems. However, we received a properly formatted and signed zonelet file, albeit one which contained zero records. APNIC also received similar correctly formatted/signed zonelet files as a record of the RIPE bug, and the three RIRs have been working closely together to get the correct RIPE data loaded back into our authoritative DNS systems. Thanks! /John John Curran President and CEO ARIN
