Do you really think that people who don't have enough clue to update their filters are going to be able to figure out why they can't reach content in 69/8? Moving all root-servers WOULD fix the problem. Although I doubt anyone is really going to be willing to make the news by causing that much of an outage. What we can REALISTICALLY accomplish is to lean on the people who publish books/web pages/templates/etc. to include big scary warnings about using bogon filters and outline WHY they should be careful. I bet for example we could get Rob Thomas to update his templates to include scarier warnings like don't do this unless you intend to keep current on new allocations if you don't know what that means skip this section (I noticed there is something in the IOS template that says be "VERY" careful). The warnings should be explicit, and scream don't do this unless you understand it. Personally I have always thought overzealous bogon filtering can be dangerous in the wrong hands and thus avoided it. I don't even trust myself to keep current let alone someone who may pick up a generic firewall book off the shelf and then think they are an expert. -----Original Message----- From: Kevin Loch [mailto:kloch@gurunet.net] Sent: Monday, March 10, 2003 4:22 PM To: nanog@merit.edu Subject: Re: 69/8...this sucks Stephen J. Wilcox wrote:
I repeat my suggestion that a number of DNS root-servers or
be renumbered into 69/8 space. If the DNS "breaks" for these neglected networks, I suspect they will quickly get enough clue to fix their ACLs.
Nice idea in principal (from a purist point of view) but its not
gtld-servers practical, I
hope your not serious..!
How about making *temporary* allocations to content providers who vounteer to move some/all content to net-69? Use an initial page on your regular net to alert users to "contact their ISP and have them fix their bogon filter if the below link doesn't work." If done right, it might speed up the clean-up. The only problem would be finding volunteers with sufficient traffic who are willing to break their site. I could do this on some of my sites. They're not Ebay, but they do get hit from about 40K unique IP's per day, with a very global distribution. If ARIN is interested, contact me privately. KL