[165617] in North American Network Operators' Group
Re: DNS Reliability
daemon@ATHENA.MIT.EDU (Christopher Morrow)
Thu Sep 12 22:01:09 2013
In-Reply-To: <423D87CE-7B2F-47CF-BB9C-974B4DACF9D1@gmail.com>
Date: Thu, 12 Sep 2013 22:00:54 -0400
From: Christopher Morrow <morrowc.lists@gmail.com>
To: George William Herbert <george.herbert@gmail.com>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Thu, Sep 12, 2013 at 6:26 PM, George William Herbert
<george.herbert@gmail.com> wrote:
> The other subthread about routeability plays into that. For BIGPLACE env=
ironments, you should be considering how many AS numbers independently host=
DNS instances for you, in how many geographical regions, and do you have a=
backup registrar available spun up...
here's an interesting point... if you are a BIGPLACE, do you want to
trust your fate to some third party hosting your dns for you? What
about how your internal name service stuff is managed?
say you have a practice of using rsh to affect updates across your 4
main dns nodes, adding a 5th or Nth outside where rsh is not
possible/desired .... means adding additional processes and cruft to
your update process, is this acceptable?
Take, for instance the FBI.gov domain 3 days ago, some set of updates
happened, their ipv4 servers were answering with a consistent
response, their ipv6 nodes were answering with a variety of not
correct answers :( In the case of the FBI.gov domain, all of it is
handled outside 'fbi.gov hands' (all servers hosted externally) but...
-chris
