[34105] in North American Network Operators' Group
Re: How common is lack of DNS server diversity?
daemon@ATHENA.MIT.EDU (bmanning@vacation.karoshi.com)
Sun Jan 28 02:39:06 2001
From: bmanning@vacation.karoshi.com
Message-Id: <200101280755.HAA19322@vacation.karoshi.com>
To: rmeyer@mhsc.com (Roeland Meyer)
Date: Sun, 28 Jan 2001 07:55:31 +0000 (UCT)
Cc: rmeyer@mhsc.com (Roeland Meyer), joshua@roughtrade.net,
	nanog@merit.edu
In-Reply-To: <9DC8BBAD4FF100408FC7D18D1F092286039BA1@condor.mhsc.com> from "Roeland Meyer" at Jan 27, 2001 01:52:11 PM
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Errors-To: owner-nanog-outgoing@merit.edu
>  Ergo, I thought that it was determined as best practice that Name
> Servers that were offered up, as references, should be root for that level.
> That is, they should be non-recursive. 
	I don't remember any IETF BCP making that claim.
	Recursion is a tool. It can be very helpful in some 
	environments. In inappropriate hands (stupid/evil)
	it can cause serious damage. 
> Another thing missing is a further definition of <authoritative>. Some of us
> have been working with the following;
> <Authoritative servers> ::= <zone authority>|<domain level authority>|<authoritative resolvers>
> <zone authority> ::= Final authority for a zone, non recursive.
> <domain level authority> ::= Final authority for a DL, non recursive (ie
> a.root-servers.net, gtld-servers.net, etc).
> <authoritative resolvers> ::= recursive servers, intended for use by
> clients, that claim authority for their specific zones. These include
> stub-resolvers.
	Not quite what I'd use but it's an interesting approach.
	Seems like there is an overlap between data origination
	and data publication.  (well, that's not quite right either...:)
	
> BTW, I consider RFC2870 antiquated, because it presupposes an architecture
> which may be outmoded or becoming outmoded rapidly. Load balancing and
> clustering technology makes RFC2870 an unnecessary waste of resources and
> can even get you into trouble.
	Well, RFC2870 might just have taken a leaf from your
	book and used "root" as you have indicated.  Reading it 
	sure gives that impression.
> Yes, some of this is from work done on the ORSC roots. Yes, one of the
> largest problems we have had to overcome, at ORSC, IFWP, and ICANN/DNSO
> discussions, were semantic problems caused by overly simplistic and generic
> semantics. 
> ....
> This happened
> at MSFT, ORSC, and other places that didn't join/agree/submit to
> namedroppers.
	It's tough when the various parties can't reach agreement
	on the basics. One would hope that discussions are continuing
	between these parties and agreement on semantics can be reached.
--bill