
nanog mailing list archives

Re: Reliable Cloud host ?
From: Jared Mauch <jared () puck nether net>
Date: Tue, 28 Feb 2012 09:02:00 -0500


On Feb 27, 2012, at 2:53 PM, Valdis.Kletnieks () vt edu wrote:

On Mon, 27 Feb 2012 14:02:04 EST, William Herrin said:

The net result is that when you switch the IP address of your server,
a percentage of your users (declining over time) will be unable to
access it for hours, days, weeks or even years regardless of the DNS
TTL setting.

Amen brother.

So just for grins, after seeing William's I set up a listener on an address
that had an NTP server on it many moons ago. As in the machine was shut down
around 2002/06/30 22:49 and we didn't re-assign the IP address ever since
*because* it kept getting hit with NTP packets..  Yes, a decade ago.

In the first 15 minutes, 234 different IP's have tried to NTP to that address.

I hereby reject the principle that one can not renumber a host/name and move it.

Certainly some people will see breakage.  This is because their software is defective, sometimes in a critical way, 
other times in a way that is non-obvious.

But I reject the idea that you can't move a service, or have one MX, DNS, etc.. host be down and have it be fatal 
without something else being SERIOUSLY broken.  If you are right, nobody could ever renumber anything ever, nor take a 
service down ever in the most absolute terms.

I've been involved in large scale DNS server renumbering/moving/whatnot.  It's harder these days than it was in the 
past, but it's feasible.  I know those resolver addresses that have been retired still get queries from *very* broken 
hosts.  Just because they're getting queries, doesn't mean they are expecting an answer, or will properly handle it.

Sometimes you have to break the service worse for people to repair it.  Look at the DCWG.org site and try to get an 
idea if you're infected.  At some point those will go away.  Doesn't mean those people aren't broken/infected and 
REQUIRE remediation.

- Jared
