
nanog mailing list archives

Re: QWest is having some pretty nice DNS issues right now
From: "Christopher L. Morrow" <christopher.morrow () mci com>
Date: Mon, 09 Jan 2006 18:19:22 +0000 (GMT)



On Mon, 9 Jan 2006 bmanning () vacation karoshi com wrote:

On Mon, Jan 09, 2006 at 05:30:12PM +0000, Christopher L. Morrow wrote:

On Mon, 9 Jan 2006, Simon Waters wrote:


On Saturday 07 Jan 2006 02:54, you wrote:

While it's tempting to make fun of Qwest here, variations on this theme -

I do agree the management issues with DNS are far harder, and here longer TTLs
are a double-edged sword. But it is hard to design a system where the
mistakes don't propagate to every DNS server, although some of the common
tools do make it easier to check things are okay before updates are unleashed.

What's interesting to me, at least, is that this is about the 5th time
someone has said similar things in the last 6 months: "DNS is harder than
I thought it was" (or something along that line...)

So, do most folks think:
1) get domain-name
2) get 2 machines for DNS servers
3) put IPs in TLD system and roll!

It seems like maybe that is all too common. Are the 'best practices'
documented for Authoritative DNS somewhere central? Are they just not well
publicized? Do registrars offer this information for end-users/clients? Do
they show how their hosted solutions are better/works/in-compliance-with
these best practices? (worldnic comes to mind)

Should this perhaps be better documented and presented at a future NANOG
meeting? (and thus placed online in presentation format)

-Chris

      IETF tech transfer failure...  see RFC 2870 (mislabeled as
      root-server) for TLD zone machine best practices from several
      years ago... for even older guidelines ... RFC 1219.

Perhaps this falls under: "better documented" or "easy to find" or "not
publicized" ? I'd be interested to see how many DNS hosting providers
actually follow these themselves. Take EasyDNS for example (since they are
on my mind, due to their GOOD service actually):

easydns.com.    3600    NS      ns1.easydns.com.
easydns.com.    3600    NS      ns2.easydns.com.
easydns.com.    3600    NS      remote1.easydns.com.
easydns.com.    3600    NS      remote2.easydns.com.
NS1.easydns.com.        3600    A       216.220.40.243
NS2.easydns.com.        29449   A       209.200.151.4
remote1.easydns.com.    29434   A       209.200.131.4
remote2.easydns.com.    29428   A       205.210.42.20

CIDR:       205.210.42.0/24
NetName:    SHMOOZE-NET
prolexic/Prime Communications Ltd. DONBEST (NET-209-200-131-0-1)
                                  209.200.131.0 - 209.200.131.255
NetRange:   216.220.32.0 - 216.220.63.255
CIDR:       216.220.32.0/19
NetName:    Q9-NET1
NetRange:   209.200.128.0 - 209.200.191.255
CIDR:       209.200.128.0/18
NetName:    PROLEXIC

So, 4 IPs, 3 ISPs, 3 route objects... they seem to at least follow some of
the requirements.

-Chris
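
The tally in the message above (4 addresses, 3 networks) can be reproduced mechanically. The following is an added example, not part of the original post: it groups each nameserver address under the least-specific allocation that contains it. Treating that allocation as "the ISP" is an assumption of this example, and the function names are hypothetical.

```python
import ipaddress

# Values transcribed from the message above. The 209.200.131.0 - 209.200.131.255
# range is written as a /24; labelling it "DONBEST" is this example's reading.
NS_ADDRS = {
    "ns1.easydns.com.": "216.220.40.243",
    "ns2.easydns.com.": "209.200.151.4",
    "remote1.easydns.com.": "209.200.131.4",
    "remote2.easydns.com.": "205.210.42.20",
}
ALLOCATIONS = {
    "205.210.42.0/24": "SHMOOZE-NET",
    "209.200.131.0/24": "DONBEST",
    "216.220.32.0/19": "Q9-NET1",
    "209.200.128.0/18": "PROLEXIC",
}

def covering_allocation(addr, allocations):
    """Return the name of the least-specific allocation containing addr, or None."""
    ip = ipaddress.ip_address(addr)
    nets = [(ipaddress.ip_network(cidr), name) for cidr, name in allocations.items()]
    hits = [(net.prefixlen, name) for net, name in nets if ip in net]
    return min(hits)[1] if hits else None

def diversity_report(ns_addrs, allocations):
    """Group nameservers by covering allocation and count distinct /24s."""
    groups, unmatched = {}, []
    for host, addr in sorted(ns_addrs.items()):
        name = covering_allocation(addr, allocations)
        if name is None:
            unmatched.append(host)   # no whois data supplied for this address
        else:
            groups.setdefault(name, []).append(host)
    slash24s = {ipaddress.ip_network(f"{a}/24", strict=False) for a in ns_addrs.values()}
    return {
        "addresses": len(set(ns_addrs.values())),
        "distinct_24s": len(slash24s),
        "allocations": groups,
        "unmatched": unmatched,
    }

if __name__ == "__main__":
    report = diversity_report(NS_ADDRS, ALLOCATIONS)
    print(report["addresses"], "addresses in", len(report["allocations"]), "allocations")
    for name, hosts in report["allocations"].items():
        print(f"  {name}: {', '.join(hosts)}")
```

Two of the four servers (ns2 and remote1) land in the same /18, which is why four addresses in four different /24s still come out as three networks.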

