[128776] in North American Network Operators' Group
Re: Numbering nameservers and resolvers
daemon@ATHENA.MIT.EDU (Jeremy Kister)
Mon Aug 16 03:19:45 2010
Date: Mon, 16 Aug 2010 03:19:25 -0400
From: Jeremy Kister <nanog-01@jeremykister.com>
To: nanog@nanog.org
In-Reply-To: <4C68DF61.6080601@tiedyenetworks.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On 8/16/2010 2:49 AM, Mike wrote:
> from eachother? Anyone got advice either way? Should I try to give
If you have a dedicated subnet for /32s (e.g., router loopback
interfaces), i'd pick from there.
if you eventually require geo-redundancy or want to load balance your
queries, it's much neater injecting them into your igp rather than
having a few /32's injected from an otherwise nice clean /24.
I am also a fan of keeping your recursive and authoritative ip addresses
separate. Not only is this much more modular, it can be more secure;
see http://cr.yp.to/djbdns/separation.html
--
Jeremy Kister
http://jeremy.kister.net./
