On Mon, Oct 3, 2011 at 12:38 PM, Danny McPherson <danny@tcb.net> wrote:
> If the operator of a network service can't detect issues *when they occur* in the current system in some automated manner, whether unintentional or malicious, they won't be alerted, they certainly can't "fix" the problem, and the potential exposure window can be significant.
> Ideally, the trigger for the alert and detection function is more mechanized than "notification by services consumer", and the network service operators or other network operators aware of the issue have
Does ISC (or any other anycast root/*tld provider) have external polling methods that can reliably tell when, as was in this case, local-anycast-instances are made global? (or when the cone of silence widens?)

Given that in the ISC case the hostname.bind query can tell you at least the region + instance#, it seems plausible that some system of systems could track current/changes in the mappings, no? and either auto-action some 'fix' (SHUT DOWN THE IAD INSTANCE, IT'S ROGUE!) or at least log and notify a hi-priority operations fixer.

Given something like the unique-AS work Verisign has been behind, you'd think monitoring route origins and logging 'interesting' changes could accomplish this as well?

(I suppose I'm not prescribing solutions above, just wondering if something like these is/could be done feasibly)

-chris
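Added example, not part of the thread above: a small detector for the "local anycast instance made global" case Chris describes, built on the idea of polling hostname.bind from several vantage points and flagging when a vantage point in one region is answered by a local instance belonging to another. The hostname.bind answer format ("<region><instance>", e.g. "iad1"), the vantage points, and the instance scopes are constructed assumptions, not ISC's real naming; the query function is injected so the code runs offline.

```python
"""Detect anycast instances answering outside their intended region.

Assumption (constructed): hostname.bind CHAOS TXT answers look like
"<3-letter region><instance>", e.g. "iad1". Real operators use other
formats; adjust HOSTNAME_RE accordingly.
"""
import re
from typing import Callable, Dict, List, Tuple

# Constructed: vantage point -> region it sits in.
VANTAGE_REGIONS = {"vp-ashburn": "iad", "vp-frankfurt": "fra", "vp-tokyo": "nrt"}
# Constructed: region prefix -> "local" (only its own region should reach it)
# or "global" (may legitimately be seen from anywhere).
INSTANCE_SCOPE = {"iad": "local", "fra": "global", "nrt": "local"}

HOSTNAME_RE = re.compile(r"^([a-z]{3})(\d+[a-z]?)$")


def parse_hostname_bind(txt: str) -> Tuple[str, str]:
    """Split a hostname.bind answer into (region, instance)."""
    m = HOSTNAME_RE.match(txt.strip().strip('"'))
    if not m:
        raise ValueError(f"unrecognised hostname.bind answer: {txt!r}")
    return m.group(1), m.group(2)


def find_scope_violations(observations: Dict[str, str]) -> List[str]:
    """observations: vantage point -> hostname.bind answer seen from there.
    Returns one alert per local instance reached from a foreign region."""
    alerts = []
    for vp, answer in observations.items():
        region, inst = parse_hostname_bind(answer)
        if INSTANCE_SCOPE.get(region) == "local" and VANTAGE_REGIONS[vp] != region:
            alerts.append(f"{vp} ({VANTAGE_REGIONS[vp]}) reached local instance {region}{inst}")
    return alerts


def diff_mappings(previous: Dict[str, str], current: Dict[str, str]) -> Dict[str, tuple]:
    """Vantage points whose answering instance changed since the last poll."""
    return {vp: (previous.get(vp), current[vp]) for vp in current
            if previous.get(vp) != current[vp]}


def poll(query: Callable[[str], str], vantages=VANTAGE_REGIONS) -> Dict[str, str]:
    """Ask hostname.bind from each vantage point. `query` is injected so this
    runs offline; a real one would send CH TXT hostname.bind from that site."""
    return {vp: query(vp) for vp in vantages}


if __name__ == "__main__":
    baseline = {"vp-ashburn": "iad1", "vp-frankfurt": "fra2", "vp-tokyo": "nrt1"}
    # Constructed: the IAD instance has leaked and Tokyo now lands on it.
    leaked = poll(lambda vp: {"vp-tokyo": "iad1"}.get(vp, baseline[vp]))
    for a in find_scope_violations(leaked):
        print("ALERT:", a)
    print("changed:", diff_mappings(baseline, leaked))
```

Route-origin monitoring, the other mechanism Chris mentions, would feed the same alert path from BGP data instead of DNS answers.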