[128817] in North American Network Operators' Group
Re: Numbering nameservers and resolvers
daemon@ATHENA.MIT.EDU (Jared Mauch)
Tue Aug 17 08:52:41 2010
From: Jared Mauch <jared@puck.nether.net>
In-Reply-To: <Pine.LNX.4.64.1008171201090.26804@a84-22-97-10.cb3rob.net>
Date: Tue, 17 Aug 2010 08:52:20 -0400
To: Sven Olaf Kamphuis <sven@cb3rob.net>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Sven,
On Aug 17, 2010, at 8:11 AM, Sven Olaf Kamphuis wrote:
> this whole "you have to put 2 nameservers on two separate subnets at two different locations" seems a bit.. pre-1993 to me.
> plus, why only 2, why not... 20 or so, all in different parts of the world and let bgp handle the rest.
There's an important component that is missing from the above. It's one thing to have a single nameserver hosted in such a manner, but through operational integration and history there are still a lot of domain names that are not fault tolerant.
I remember "in recent years" a ccTLD that ended up without functioning services as a result of poor nameserver site selection.
Ideally you would have a system with two geographically diverse nameservers for a domain, under separate (routing) administrative control.
One of my former employers backhauled all their legacy nameservers to a single site, e.g.: e[0-2].ns.voyager.net.
While they were originally on diverse subnets and geographical locations, this appears to have changed.
Selecting a site outside of your control is valuable. When I was hostmaster@cic.net, we "traded" with mr.net. These days, if I were in the same role, I would want to have three instead of two. Asia, Europe and US someplace. If US only, east, west and central.
If you look at ntt.net, our "off-net" resolver is 69.36.249.36
This means if there is an ntt meltdown, there's a good chance you can still resolve related names off-net.
- Jared
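An added example, not part of the original message: a small audit that flags an NS set whose servers all share one covering prefix, one origin AS, or one site, which are the shared failure domains the message warns about. The `NS` record layout, the /24 and /48 grouping, and all hostnames, addresses, AS numbers and site labels are constructed assumptions (documentation ranges), and the origin AS and site are supplied by the operator rather than looked up.

```python
import ipaddress
from collections import namedtuple

# hostname, address, origin AS of the covering route, coarse site label.
# Origin AS and site are operator-supplied inputs here, not live lookups.
NS = namedtuple("NS", "name ip origin_asn site")

def covering_prefix(ip):
    """Collapse an address to the /24 (IPv4) or /48 (IPv6) it sits in."""
    addr = ipaddress.ip_address(ip)
    length = 24 if addr.version == 4 else 48
    return ipaddress.ip_network(f"{ip}/{length}", strict=False)

def audit_ns_diversity(servers):
    """Return single-point-of-failure findings for one domain's NS set."""
    findings = []
    if len(servers) < 2:
        findings.append("fewer than two nameservers")
    checks = (("prefix", lambda s: covering_prefix(s.ip)),
              ("origin AS", lambda s: s.origin_asn),
              ("site", lambda s: s.site))
    for label, key in checks:
        values = {key(s) for s in servers}
        if len(values) == 1:
            findings.append(f"all servers share one {label}: {values.pop()}")
    return findings

# Constructed sample: three subnets, but one AS and one site (backhauled).
BACKHAULED = [
    NS("ns0.example.net", "192.0.2.10", 64496, "dc-east"),
    NS("ns1.example.net", "198.51.100.10", 64496, "dc-east"),
    NS("ns2.example.net", "203.0.113.10", 64496, "dc-east"),
]
# Constructed sample: three sites, one server hosted off-net in another AS.
DIVERSE = [
    NS("ns0.example.net", "192.0.2.10", 64496, "us-east"),
    NS("ns1.example.net", "2001:db8:1::53", 64496, "eu-west"),
    NS("ns2.example.org", "203.0.113.10", 64497, "asia"),
]

if __name__ == "__main__":
    for name, ns_set in (("backhauled", BACKHAULED), ("diverse", DIVERSE)):
        print(name, audit_ns_diversity(ns_set) or "no shared failure domain")
```

The backhauled set passes a subnet-only check yet is still reported, because every server sits behind the same origin AS and site.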