Re: bit of topic, but might make few people lough

Paul Howarth wrote:
> What would you suggest they did instead of this?

Send NXDOMAIN.

> There has been a notice posted about the discontinuation of the ipwhois
> zone right at the top of the rfc-ignorant.org home page for months
> before the zone was stopped, and it's still there right now.
>
> Changing the NS records to point to localhost will not actually break
> anything but may result in log entries such as those you are seeing,
> which is people using your nameserver (who presumably you have some
> influence over) to look up entries in this zone. So is it possible for
> you to identify who is doing these lookups and point out to them the
> error of their ways?

The assumption you are making has little to do with reality. If you were an ISP, it is possible that you have logging of "lame server" resolving turned off. Too much junk. Almost all log parsing programs I saw ignore "lame server resolving" messages by default (including LogWatch, distributed with most Linux distributions).


In reality, I'd say that 99% of people who theoretically have access to those logs are not going to see those error messages at all (or are simply going to "grep -v" them). 99% of those that actually saw them are not going to react. Mostly because they'll simply assume it is just another misconfigured server out there (correct assumption, BTW).

I'd be really surprised to see any significant reduction in the number of queries they are getting as a result of this "lame server" configuration they made. I have the latest update of SpamAssassin installed on my home FC2 installation. Did anybody bother to make a new updated package for SpamAssassin that doesn't query the now defunct service? Nope. Has anybody bothered to report it as a bug in Bugzilla? Nope. That much about how many people noticed those "lame server" messages in log files.

> By way of comparison, consider what the operator of the "monkeys.com"
> open proxy list did (this was a very popular list btw). After publicly
[snip]
> working, he set up the zone so that *every* IP address was listed.
> Suffice it to say that this got the attention of lots of people (but not
> all of the people still using it, strangely), but those people were less
> than happy!

Yeah, I saw that happen with more than one such service. Those were examples of ultimate stupidity on behalf of the owners of the discontinued service.


If you are going to host that kind of database you should be prepared to be queried for a long time after the service is discontinued. Most people using it were not aware of the fact that they were using it in the first place. They simply installed a program such as SpamAssassin. The reaction of such an average user could be: Me using rfc-ignorant? Nope, don't think so. I'm using SpamAssassin instead. Oh, SpamAssassin is using rfc-ignorant by default? Well, surprise to me.

An alternative would be to get a new top-level domain for the service (for example, ipwhois-rfc-ignorant.com) and let the root servers generate NXDOMAIN once the service is discontinued (and the domain deleted). Probably not a nice thing to do IMO (although the root servers have enough bandwidth and CPU power to handle it).

A third alternative would be to send a "the air is clean" response with a huge TTL (one year comes to mind) to each query until you see a reduction in the number of queries. This is most likely the most network friendly solution (since these "the air is clean" responses will be cached for a long time on numerous name servers around the globe, and they are not going to break anything, or cause damage to anybody). This is probably the approach I would take if the network bandwidth those queries are using becomes a concern to me. Of course, in this case your service had to be designed to send for example 127.0.0.1 when an entry is not in the database (instead of NXDOMAIN as some of the services are doing).

As a conclusion: if somebody wants to provide a similar service to the community, you don't simply go head first into it (as most people are doing). You need to plan well ahead, and have an understanding of what is going to happen once you discontinue the service and how to do it. When such a day arrives that you need to turn off the service, you don't want to create hard to fix damage to yourself. Nor do you want to create hard to fix damage to the community. And this simple thing is something overlooked too often by well meaning individuals and organizations providing such services.

You know that proverb, "the road to hell is paved with good intentions". Very appropriate in this case.

--
Aleksandar Milivojevic <amilivojevic@xxxxxx>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7
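
An added example, not part of the original message: a pre-flight check a mail filter could run to tell apart the shutdown styles discussed in this thread (lame delegation, NXDOMAIN for everything, an answer for every query) before trusting a DNSBL zone. It assumes the zone follows the RFC 5782 convention that 127.0.0.2 is always listed and 127.0.0.1 never is; the zone names, the `resolve` callback and the `SAMPLE` responses are constructed for illustration.

```python
import ipaddress

NXDOMAIN, SERVFAIL = "NXDOMAIN", "SERVFAIL"

def dnsbl_name(ip, zone):
    """Query name for a DNSBL lookup: reversed octets + zone."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def classify_zone(zone, resolve):
    """resolve(name) -> list of A records, NXDOMAIN or SERVFAIL."""
    listed = resolve(dnsbl_name("127.0.0.2", zone))  # test entry, must exist
    clean = resolve(dnsbl_name("127.0.0.1", zone))   # must not be listed
    if SERVFAIL in (listed, clean):
        return "unreachable"   # lame delegation, e.g. NS pointed at localhost
    if clean != NXDOMAIN:
        return "wildcard"      # answers for everything: list-all or all-clean
    if listed == NXDOMAIN:
        return "empty"         # retired with NXDOMAIN for every query
    return "healthy"

def usable_zones(zones, resolve):
    """Zones a mail filter should keep querying."""
    return [z for z in zones if classify_zone(z, resolve) == "healthy"]

# Constructed responses per zone: (answer for 127.0.0.2, answer for 127.0.0.1)
SAMPLE = {
    "healthy.dnsbl.example": (["127.0.0.2"], NXDOMAIN),
    "retired.dnsbl.example": (NXDOMAIN, NXDOMAIN),
    "listall.dnsbl.example": (["127.0.0.2"], ["127.0.0.2"]),
    "allclean.dnsbl.example": (["127.0.0.1"], ["127.0.0.1"]),
    "lame.dnsbl.example": (SERVFAIL, SERVFAIL),
}

def sample_resolve(name):
    """Stand-in resolver over SAMPLE; a real one would query DNS."""
    for zone, (listed, clean) in SAMPLE.items():
        if name.endswith("." + zone):
            return listed if name.startswith("2.0.0.127.") else clean
    return NXDOMAIN

if __name__ == "__main__":
    for zone in SAMPLE:
        print(f"{zone:26} {classify_zone(zone, sample_resolve)}")
    print("keep:", usable_zones(SAMPLE, sample_resolve))
```

Only the "healthy" result means a positive answer from the zone carries information; the other three should disable the lookup in the filter rather than score mail on it.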

