Well, my point, really, was that generating filter lists and *loading them* while relying on things in the network which aren't reliable enough is rather silly. IF you're going to run an automated procedure with the *expectation* that these operations (like a DNS lookup) won't fail, then you had better have mil-grade reliability. The *REAL* solution is <DON'T DO THAT>. I find it insane that folks were auto-generating filter lists off RIPE's information, using DNS lookups, without enough error checking to handle the case where the domain doesn't resolve! -- -- Karl Denninger (karl@MCS.Net)| MCSNet - Serving Chicagoland and Wisconsin http://www.mcs.net/ | T1's from $600 monthly / All Lines K56Flex/DOV | NEW! Corporate ISDN Prices dropped by up to 50%! Voice: [+1 312 803-MCS1 x219]| EXCLUSIVE NEW FEATURE ON ALL PERSONAL ACCOUNTS Fax: [+1 312 803-4929] | *SPAMBLOCK* Technology now included at no cost On Wed, Apr 08, 1998 at 06:33:47PM -0300, Stephen Sprunk wrote:
What would be the utility of doing that? Shouldn't we first direct effort towards making the ROOT servers that reliable? And then there's always the networks used to *reach* these servers, which are often of questionable reliability, especially when a MAE is involved.
Then again, that assumes that routers need military-grade DNS capability, which is an absurd concept to begin with. The routers should simply continue to operate normally (or slightly degraded) if DNS isn't available. Any other design is doomed to horrible race conditions.
Stephen
Karl Denninger wrote:
However, the nameserver infrastructure for such a TLD needs to go *far* beyond *any* existing TLD's nameserver infrastructure. You're talking here about things that need near, or even at, military-grade reliability levels of service.
-- Stephen Sprunk "Oops." Email: sprunk@paranet.com Sprint Paranet -Albert Einstein ICBM: 33.00151N 96.82326W