North American Network Operators Group
Re: How common is lack of DNS server diversity?
> Ergo, I thought that it was determined as best practice that; Name
> Servers that were offered up, as references, should be root for that level.
> That is, they should be non-recursive.

I don't remember any IETF BCP making that claim. Recursion is a tool. It can be very helpful in some environments. In inappropriate hands (stupid/evil) it can cause serious damage.

> Another thing missing is a further definition of <authoritative>. Some of us
> have been working with the following;
> <Authoritative servers> ::= <zone authority>|<domain level
> authority>|<authoritative resolvers>
> <zone authority> ::= Final authority for a zone, non recursive.
> <domain level authority> ::= Final authority for a DL, non recursive (ie
> a.root-servers.net, gtld-servers.net, etc).
> <authoritative resolvers> ::= recursive servers, intended for use by
> clients, that claim authority for their specific zones. These include
> stub-resolvers.

Not quite what I'd use but it's an interesting approach. Seems like there is an overlap between data origination and data publication. (well, that's not quite right either...:)

> BTW, I consider RFC2870 antiquated, because it presupposes an architecture
> which may be outmoded or becoming outmoded rapidly. Load balancing and
> clustering technology makes RFC2870 an unnecessary waste of resources and
> can even get you into trouble.

Well, RFC2870 might just have taken a leaf from your book and used "root" as you have indicated. Reading it sure gives that impression.

> Yes, some of this is from work done on the ORSC roots. Yes, one of the
> largest problems we have had to overcome, at ORSC, IFWP, and ICANN/DNSO
> discussions, were semantic problems caused by overly simplistic and generic
> semantics.
> ....
> This happened
> at MSFT, ORSC, and other places that didn't join/agree/submit to
> namedroppers.

It's tough when the various parties can't reach agreement on the basics.
One would hope that discussions are continuing between these parties and agreement on semantics can be reached.

--bill