|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Kill Verisign Routes :: A Dynamic BGP solution
I wanted to discuss the merits of the following: I have written a proof of concept solution to nuke a route to sitefinder. Code to those who care or to the list if anyone cares. Perl is your friend :) Basic concept: Use Net::BGP to set up a peering session with my route server. Query DNS for *.com and *.net on x interval. Then take the answers (if they are valid A records) and inject them into the route server (which in our case is used solely to feed a blackhole network to sink traffic from APNIC space, etc). If an address no longer appears in the DNS (i.e. the idiots switched hosts), withdraw the route. If they set up multiple hosts, it will catch each one of them. You can set the polling interval as you please. Thoughts? Eric ========================================================================== Eric Germann CCTec [email protected] Van Wert OH 45891 http://www.cctec.com Ph: 419 968 2640 Fax: 603 825 5893 "The fact that there are actually ways of knowing and characterizing the extent of one’s ignorance, while still remaining ignorant, may ultimately be more interesting and useful to people than Yarkovsky" -- Jon Giorgini of NASA’s Jet Propulsion Laboratory
|