![nanog logo](/images/nanog-logo.png)
nanog mailing list archives
Network diversity Software diversity
From: Sean Donelan <sean () donelan com>
Date: 24 Jan 2001 17:19:29 -0800
Although several people have leaped on the apparent lack of network diversity in Microsoft name servers, there is a more general problem which also affects networks using BIND. Using FreeBSD and BIND on *ALL* your name servers may be just as bad a practice as using Windows 2000 and Microsoft DNS on *ALL* your name servers. I still think NSI is taking a tremendous risk using identical servers for all their GTLD-servers, even though they are geographically distributed. You might try using UltraDNS on half your critical nameservers and BIND on the other half. And even using Solaris on some of the boxes and AIX or Linux, or NetBSD on the others. This is not because I think one or the other has a fatal flaw, but because software is a hard beast to manage. The idea behind diversity isn't you will never have an error. But the errors are unlikely to strike both servers at the same time. If you use identical servers and identical software, no matter how geopgrahically dispersed, a software flaw will affect all your servers at the same time. Software is what crashed the ATT long distance network, the Worldcom frame-relay network, and even the one incident which took out the entire ARPANET.
Current thread:
- Network diversity Software diversity Sean Donelan (Feb 24)
- Re: Network diversity Software diversity Bill Woodcock (Feb 24)
- Re: Network diversity Software diversity Greg A. Woods (Feb 24)
- <Possible follow-ups>
- RE: Network diversity Software diversity Roeland Meyer (Feb 24)
- RE: Network diversity Software diversity Eric Germann (Feb 24)
- RE: Network diversity Software diversity Roeland Meyer (Feb 24)
- RE: Network diversity Software diversity Eric Germann (Feb 24)
- Re: Network diversity Software diversity Steve Sobol (Feb 24)
- Re: Network diversity Software diversity John Fraizer (Feb 24)
- RE: Network diversity Software diversity Roeland Meyer (Feb 24)
- Re: Network diversity Software diversity Valdis . Kletnieks (Feb 24)
(Thread continues...)