On zaterdag, okt 11, 2003, at 09:40 Europe/Amsterdam, Leif Johansson
|>Tell that to the root zone operators and brace for the reaction.
| Root zone operators, meaning like Verisign?
Yes. I recently sat in on a presentation from the operators of
I.root-servers.net. Currently 8-10% of queries are from rfc1918
addrs and 3.6% of queries are for rfc1918 .in-addr.arpa records.
That is not an insignifficant number of queries.
My argument was (is) that having RFC 1918 routes or packets escape
doesn't add additional problems on top of the fundamental problem that
routes or packets with the wrong addresses get out. Letting out wrong
(non-RFC 1918) addresses hurts the legitimate holder of those
addresses. With RFC 1918 addresses this isn't a problem.
I don't think another 10% load on the root nameservers is a huge deal,
so I wouldn't use the word "harmful" but I guess this is a special case
as a resolving nameserver that uses an RFC 1918 address isn't going to
receive a reply for its queries to the root, so it will keep repeating
those queries over and over again.
I read a report that only 2% of the hits on the root servers is both
legitimate and useful anyway.