19 Apr
2002
19 Apr
'02
11:31 a.m.
this was sent personally, but i'm answering to the list.
It might help the A Root, at least, if the SOA record listed bogus.root-servers.net instead of A.root-servers.net, and then a record mapped bogus.root-servers.net to 127.0.0.1. That should keep Win2K and follow-ons from sending dynamic updates to the root zone.
now that we have separate servers for the rfc1918 ptr zones, these updates are not going to the root servers and indeed cannot affect the root servers. since ddos attack backscatter shows up in these log files, it's darn useful to centralize the logging for it. any AS owner who wants to localize these updates can do so by simply anycasting the 192.175.48/24 netblock and serving dns on .1, .6, and .42.