127.0.53.53

精选翻译

jasonzhu1903 2014-10-03 02:39:32

文章标签 dns 文章分类 网络安全

when i am doing trouble shooting today with a ticket, the found the devices name resolve result is very special---127.0.53.53.

127.0.0.0 255.0.0.0 should be reserved, how could this device link it's name with such an IP address? When I seartch the IP address, I have some interesting findings.

127.0.53.53 is used to identify a special situation, Name Collision.

127.0.53.53 是用来缓解DNS冲突的地址。在私有网络中，FQDN经常会因域名相似而冲突。当有冲突的时候，dns解析就回返回这个地址。

reference：https://www.icann.org/resources/pages/name-collision-2013-12-06-en#top

===== QUOTE =====

ICANN today announced the approval of the Name Collision Occurrence Management Framework [PDF, 634 KB] by the ICANN Board New gTLD Program Committee (NGPC). The framework implementation requirements were developed with input from many sources including the ICANN community, a report published by JAS Global Advisors LLC, and advice from the Security and Stability Advisory Committee (SSAC).

The framework is designed to mitigate the impact of name collisions in the domain name system (DNS), which typically occur when fully qualified domain names conflict with similar domain names used in private networks. When this occurs, users can be taken to an unintended Web page or encounter an error message.

To address this issue, the framework calls for registry operators to use a technique called "controlled interruption" to alert system administrators that there may be an issue in their network. Specifically, an IPv4 address – 127.0.53.53 – will appear in system logs, enabling a quick diagnosis and remediation.

"We now have a well-defined methodology for mitigating name collisions for delegated top-level domain names and a path forward for registries to unblock certain second-level domains in their list," said Akram Atallah, president of ICANN's Global Domains Division. "These operational processes, which were developed in conjunction with the multistakeholder community, will help to ensure the security of the domain name system."

Atallah went on to note that ICANN will provide information to and work with the Generic Names Supporting Organization (GNSO) to consider whether policy work on developing a long-term plan to manage gTLD name collisions issues should be undertaken.

ICANN will be holding webinars to discuss details of the Name Collision Occurrence Management Framework and answer questions on 12 August 2014 – Session 1 will take place at 01:00-02:30 UTC and Session 2 will be from 15:00-16:30 UTC.

Overview: Name Collision Occurrence Management Framework Implementation

ICANN registry operators are obligated to comply with requirements in the Name Collision Occurrence Management Framework, which include:

● Acting on name collision reports from ICANN within two hours of receipt of the report during the first two years of the life of the top-level domain (TLD), measured from the time of delegation of the TLD;

● Implementing continuous controlled interruption for a 90-day period.

ICANN obligations include:

● Monitoring the registry's implementation of the controlled interruption to ensure compliance with contractual requirements;

● Coordinating an emergency response for name collision reports only where there is a reasonable belief that the name collision presents a clear and present danger to human life;

● Working within the Internet Engineering Task Force (IETF) and with other relevant technical communities to identify a mechanism for IPv6 IP addresses that provides similar functionality to that being used in IPv4 (the loopback IP address 127.0.53.53).

The Name Collision Occurrence Management Framework also calls for the delegation of .CORP, .HOME, and .MAIL to be deferred indefinitely. ICANN will collaborate with the technical and security communities to determine the best way to handle these strings in the long term.