Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] !ATTENTION! FurNIC Sponsored T1 178.63.145.230 aka ns4.opennic.glue ceasing OpenNIC operation immediately(no .bit / no recusion)

discuss AT lists.opennicproject.org

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] !ATTENTION! FurNIC Sponsored T1 178.63.145.230 aka ns4.opennic.glue ceasing OpenNIC operation immediately(no .bit / no recusion)


Chronological Thread 
  • From: gp AT gparent.net
  • To: discuss AT lists.opennicproject.org
  • Subject: Re: [opennic-discuss] !ATTENTION! FurNIC Sponsored T1 178.63.145.230 aka ns4.opennic.glue ceasing OpenNIC operation immediately(no .bit / no recusion)
  • Date: Sun, 21 May 2017 14:53:40 +0000
  • Dkim-filter: OpenDKIM Filter v2.9.2 mx-in0.gparent.org 1257620279

I've always argued against .bit because we have no control over it. It's such a ridiculous peering to me that I would not even care if it were permanently lost.

Also hosting a T2 on a T1 may not be disallowed but it's always been an awful idea considering our infrastructure. Hopefully this can be a learning experience.

I sincerely hope the server can recover on an ISP that understands the internet a little bit more, because it's disappointing when they care more about spammers than users.

-gp


On 2017-05-18 19:37, Jonah Aragon wrote:
As far as I'm aware you can't drop a peer because they're now all in
the root zone. You don't have to *slave* them but they'd still
resolve.

I was just saying we may want to reconsider it in the future,
especially with the spam issues originating from .bit as of late. We
need to start promoting our own democratic TLDs instead of other
parties' namespaces.

RE: Stephan: I'm wondering why you had to remove the .bit zone, I
suspect just disabling recursion would be sufficient, and recursion
isn't necessary for Tier 1 servers so you could keep it as a full
fledged T1.

Jonah

On May 18, 2017 2:21 PM, "Zach Gibbens" <zachgibbens AT zachgibbens.org>
wrote:

In the past peering in opennic didn't mean both parties had to
resolve each other (however that was the desire) and we knew that
going in on namecoin, we did that unilaterally.

Also a tier2 server wasn't required to carry a peering tld, merely
OpenNIC (ICANN was implied too, considering how we linked them at
the root) so if I wanted to drop AltNations (just an example, only
other peer I can think of) I could just do it myself no harm no
foul.

Perhaps this has evolved over time, don't think we've updated the
charter regarding it though.

This issue is actually a few issues in one if I read right. There
was an open resolver issue as a part of this (which I can attest is
more likely the reason for the nullroute threat, there's a reason my
T2 servers are internal only now. DNS amplification attacks cost too
much.)

-------- Original Message --------

On May 18, 2017, 15:05, Jonah Aragon < jonaharagon AT gmail.com> wrote:

On a minor tangent, I wonder if we should reconsider peering the
Namecoin and Emercoin zones. They seem to be causing more trouble
than they're worth, and we don't even seem to have a true peering
agreement with us as far as I can tell, we resolve their names but
not vice versa.

In my opinion we should drop their zones unless they can agree to
include our zones in their official DNS clients. I have my doubts we
can do this with Namecoin but perhaps we could convince Emercoin to
do this as we have a bit of an official relationship with them.

Just my two cents on the whole thing.

Jonah

On May 18, 2017 1:59 PM, "Jonah Aragon" < jonaharagon AT gmail.com>
wrote:

ISP's DNS servers are generally whitelisted internally (to their
customer network) so they don't have to deal with stuff like that,
with a few exceptions, ours on the other hand are publicly
accessible to anyone.

The issue doesn't seem to be with Spamhaus necessarily here
however, it seems to be with the hosting provider ns4 is using,
because they'd rather block a paying customer than have an IP
blacklisted by a spam organization (which may be a good trade-off
for them, who knows, I have no idea how much is being paid for ns4's
servers). For example if Spamhaus came after me I could easily just
laugh and not pay them attention because my hosting providers aren't
going to care, and I'm not going to care because being blacklisted
generally doesn't come with many consequences outside of email
deliverability. The provider for ns4 on the other hand was prepared
to completely nullroute their network.

There's definitely an issue here with misunderstanding between us,
Spamhaus, and our hosting providers, but it should be a fairly
trivial task to move to a provider who won't be swayed so easily by
random third party organizations.

That's how I see it at least.

Jonah

--------
You are a member of the OpenNIC Discuss list.
You may unsubscribe by emailing
discuss-unsubscribe AT lists.opennicproject.org


--------
You are a member of the OpenNIC Discuss list.
You may unsubscribe by emailing discuss-unsubscribe AT lists.opennicproject.org



Archive powered by MHonArc 2.6.19.

Top of Page