Matsuzaki-san,I read the link you forwarded. Thank you.I am sorry to see how this would be anyway affected by my announcing 1.2.3.0/24 on my ISP network. The attack you cite changed the DNS resolver addresses on CPE. If they had changed it to 1.2.3.4 , not only would it have been to a resolver I supply to my clients (and no one else), but since 1.2.3.0/24 would be filtered by me upstream, there is no way that 1.2.3.4 queries would go to them. This seems to strengthen Dean and Geoff's proposal.
If I misunderstanding this, I would appreciate correction from the list. Could someone give me a use case where I could make life worse, using this, for InternetNZ's customers?
* sig-policy: APNIC SIG on resource management policy *
_______________________________________________
sig-policy mailing list
sig-policy@lists.apnic.net
http://mailman.apnic.net/mailman/listinfo/sig-policy