I've updated my draft describing a b-tree approach to publishing DNSxLs.
I rewrote a lot of it to make it easier to follow, and added some
stuff to handle multiple overlapping ranges with exception entries,
like rbndnsd handles. I reran some experiments yesterday using
a snapshot of the Spamhaus Zen BL and a day's stream of connections,
about 100K of them, and got a 78% hit rate using small (512 byte) records.
I'll try it with bigger EDNS0 records and see if it makes much difference.
It's a little rough toward the end, since I had to rush it in to beat
the pre-Prague submission deadline.
R's,
John
--- snip ---
A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : An efficient method to publish ranges of IP addresses
in the DNS
Author(s) : J. Levine
Filename : draft-levine-iprangepub-02.txt
Pages : 14
Date : 2011-03-14
The DNS has long been used to publish lists of IPv4 address ranges in
blacklists and whitelists. The size of the IPv6 address space makes
the entry-per-IP approach used for IPv4 lists impractical. A new
technique for publishing IP address ranges is described. It is
intended to permit efficient publishing and querying, and to have
good DNS cache behavior.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-levine-iprangepub-02.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg