RE: How (un)common is lack of DNS server diversity?

[Roeland Meyer <rmeyer () mhsc com>]

> From: woods () weird com [mailto:woods () weird com]
> Sent: Saturday, January 27, 2001 3:38 PM

> [ On Saturday, January 27, 2001 at 14:40:39 ( -0800), Roeland 
> Meyer wrote: ]
> > Subject: RE: How common is lack of DNS server diversity?
> >
> > Then, how do you intelligently talk about the other 
> entities I bring up?
>
> An "authoritative nameserver" is, well, an authoritative nameserver.
> Nothing more, nothing less.  If it's registered (in the 
> parent zone, or
> the root cache/hints file in the case of a top level zone) 
> but it's not
> actually answering authoritatively (but it is answering) then it's
> considered to be "lame".

Actually, in /bind/contrib, there are programs to chase down and email
hostmaster of lame servers. They are considered not-acceptable. BIND also
err-logs these, explicitly.

> Everything else describes the relationship of the zone to the root
> (eg. "top level domain", "second level domain", etc.).

> People who want to ascribe some meaning to who's responsible 
> for shared
> top (or sometimes second) level zones talk about "global top level
> domains" and "country code top level domains" or maybe "second level
> country code domains", though none of these descriptions are 
> technically
> meaningful in any way whatsoever -- they simply ascribe administrative
> descriptions to ordinary top level (or maybe second level) 
> domain names.
>
> What more could you possibly need!?!?!?!?

That's overly simplistic. Put a recursive SLD server up and see how fast the
cache gets munged.

> The only confusing terms that have been used repeatedly everywhere and
> by most everyone at one time or another are "primary" and "secondary"
> nameservers (especially when they give the impression that 
> there's only
> one "secondary" nameserver).  The new BIND documentation suggests the
> much better terms "master" and "slave".  There's only one 
> master, and it
> might not even be registered or visible (though BIND's named will
> complain if the master listed in the SOA isn't also listed as 
> one of the
> NS records).  There can be many slaves, and not all of them need to be
> registered or visible either.  Both the master and all of the slaves
> will always answer authoritatively (at least to anyone who can reach
> them and who they permit to query them).  Either way if they're listed
> in publicly visible NS records, either in their parent zone, or within
> the zone, they'd damn well better answer authoritatively!

Agreed.

> This is not rocket science -- it's very very very simple 
> stuff!  Anyone comfortable with keeping lists of things and understanding 
> hierarchical relationships between those lists can do DNS in their sleep
once they
> learn a half dozen very simple rules.

I can almost agree. But the existance proof against this point is the ICANN.

> I believe the reason that Internet DNS is in such a sorry state is
> literally because it is so boringly simple yet particular 
> about the tiny
> details that only an accountant-type personality would care about.  We
> need more accountants to do the DNS!  :-)

Interesting that you bring up accountancy, there is a fair amount of $$$
invloved here.