North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Fwd: Re: Patching BIND (Re: What *are* they smoking?)

  • From: Mark Vevers
  • Date: Tue Sep 16 05:04:07 2003

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tuesday 16 Sep 2003 6:41 am, John Brown wrote:
> we've burned a AS for this, ICK

Yup - and 2 /24's ....

#show ip bgp regexp _30060$
   Network          Next Hop            Metric LocPrf Weight Path
*>i12.158.80.0/24   xxx.xxx.xxx.xxx         305    100      0 1239 7018 26134
 30060 ? *>i64.94.110.0/24   xxx.xxx.xxx.xxx       305    100      0 1239
 7018 26134 30060 ?

> based on the ASNAME, its seems a nice little route-map
> /dev/null will be real easy.  As long as they keep prefixs
> used in this really dumb idea for this idea.

If you have a full table (i.e. no default) just drop inbound routes with a
AS path _30060$

Also ....

<user>@dns0:/var/named/verisignwildcard#host 64.94.110.11
Host 11.110.94.64.in-addr.arpa not found: 3(NXDOMAIN)

Oh dear, I wonder what happened to the reverse ..... looks like that doesn't
resolve any more from here ;-)  ... so we can still do reverse DNS checks....

Mark
- -- 
Mark Vevers.    [email protected] / [email protected]
Principal Internet Engineer, Internet for Learning,
Research Machines Plc. (AS5503)
- --
GPG Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB08F3CA3
Fingerprint: 85BA 30C4 9EC8 1792 4C8C   C31E 58B5 3D1C B08F 3CA3
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE/ZtFGWLU9HLCPPKMRApqHAJwJAxEbkUmKfUsuK4lOrrs5izPaRgCfePsT
b0klVYOObpWZqQZIUd3TrJk=
=gb31
-----END PGP SIGNATURE-----