nanog mailing list archives

Re: Slaving the root and other top-level DNS zones

From: Doug Barton <dougb () dougbarton us>
Date: Wed, 16 Feb 2011 22:54:14 -0800

On 02/16/2011 22:16, Phil Regnauld wrote:

Doug Barton (dougb) writes:

Actually it seems like you want to jump up and down on it. Given
that both the benefits and the potential problems have been
extensively debated elsewhere, I'll simply say that you raise
interesting questions that I think people interested in this method
should answer for themselves.


        So, you're advocating

This is the second time you've made this claim, I ignored it the firsttime, but let me be clear. I'm not advocating anything. Someone elseasked if it made sense to do so, and I responded. Yes, the FreeBSDnamed.conf states that there are advantages to this method, it alsostates that there are things to be careful about.

      a method that potentially fragilizes one's
        DNS infrastructure, but you're not providing factual data backing
        up the purported advantages,

Nope, I'm saying that it's all been discussed before, and this isn't theforum to discuss it in more detail.

      and actually leave it up to the users to
        find out for themselves ?  Gee, that's a seller :)

I think you'd be pretty foolish to not carefully weigh the pros and consfor yourself before making any change of this nature to something ascritical as DNS, and I include things that I _do_ advocate in thatcategory like DNSSEC and IPv6.

     Now, I'm not being skeptical here, but you put the arguments for
     slaving the top level zones as a win-only situation.


And for me, and a lot of others it has been. If you have something
new to contribute in regards to the negatives I'm happy to listen,
although this might not be the best forum.


        Well, I was trying to raise constructive criticism - and hoped you
        would reply by providing links to resources/references summarizing the
        advantages, with more than empirical claims.

        But agreed, this is best discussed elsewhere :)


Funny how you keep saying that ....


Doug

--

        Nothin' ever doesn't change, but nothin' changes much.
                        -- OK Go

        Breadth of IT experience, and depth of knowledge in the DNS.
        Yours for the right price.  :)  http://SupersetSolutions.com/

Current thread:

Re: [arin-announce] IN-ADDR.ARPA Zone Transfer Complete, (continued)
- - - Re: [arin-announce] IN-ADDR.ARPA Zone Transfer Complete Doug Barton (Feb 16)
  - Re: [arin-announce] IN-ADDR.ARPA Zone Transfer Complete Joe Abley (Feb 16)
    - Re: [arin-announce] IN-ADDR.ARPA Zone Transfer Complete Doug Barton (Feb 16)
    - Re: [arin-announce] IN-ADDR.ARPA Zone Transfer Complete Joe Abley (Feb 16)
    - Re: [arin-announce] IN-ADDR.ARPA Zone Transfer Complete Franck Martin (Feb 16)
    - Re: [arin-announce] IN-ADDR.ARPA Zone Transfer Complete Doug Barton (Feb 16)
    - Slaving the root and other top-level DNS zones Phil Regnauld (Feb 16)
    - Re: Slaving the root and other top-level DNS zones Valdis . Kletnieks (Feb 16)
    - Re: Slaving the root and other top-level DNS zones Doug Barton (Feb 16)
    - Re: Slaving the root and other top-level DNS zones Phil Regnauld (Feb 16)
    - Re: Slaving the root and other top-level DNS zones Doug Barton (Feb 16)
  - Re: Fwd: [arin-announce] IN-ADDR.ARPA Zone Transfer Complete Wolfgang Nagele (Feb 17)
    - Re: Fwd: [arin-announce] IN-ADDR.ARPA Zone Transfer Complete Doug Barton (Feb 17)
- Re: [arin-announce] IN-ADDR.ARPA Zone Transfer Complete David Conrad (Feb 16)
  - Re: [arin-announce] IN-ADDR.ARPA Zone Transfer Complete Joe Abley (Feb 17)
    - Re: [arin-announce] IN-ADDR.ARPA Zone Transfer Complete David Conrad (Feb 17)
    - Re: [arin-announce] IN-ADDR.ARPA Zone Transfer Complete Wolfgang Nagele (Feb 17)