Re: Question re prevention of enumeration with DNSSEC (NSEC3, etc.)

On 5/8/22 19:48, Warren Kumari wrote: If zone enumeration was not a real concern, NSEC3 would not exist. Ackchyually, that's only partly true — a significant amount of the driver (some would say hte large majority) behind NSEC3 was that it supports "opt-out". This was important in very l

Re: Ukraine request yikes

Hello, On 3/1/22 21:08, David Conrad wrote: - Shutdown the root server instances operated by ICANN that are within Russia ICANN could conceivably do this unilaterally, but there are a lot more root server instances operated by other RSOs (including RIPE NCC, Verisign, ISC, and NASA). It's al

Re: AS 3356 (Level 3) -- Community 3356:666

Hello, there's exactly *one* blackhole well-known community, which should be used for this purpose - 65535:666 (standardised in RFC 7999). There's no reason to use even "ASN:666" format these days... - Daniel On 8/4/21 3:28 PM, Sriram, Kotikalapudi (Fed) via NANOG wrote: There is an old NANO