nanog mailing list archives
Re: AW: Odd policy question.
From: "Jeffrey I. Schiller" <jis () MIT EDU>
Date: Sat, 14 Jan 2006 17:06:20 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Foolish me. Indeed all that is required is a way to detect that the
delegation is lame (hopefully in a secure fashion) and remove the lame
delegations. Of course that does leave the problem of what to do if all
of the delegations are lame, as Randy has alluded to.
-Jeff
Randy Bush wrote:
As an engineer, I believe we would need a protocol that would permit someone to query an IP address to ask what DNS domains it may be an NS for.this addresses neither the issue of longevity nor that of whether it is authoritative for a particular domain which is proposed to be, or has been, delegated to it. and please note that delegation is not to an ip address, but rather to an fqdn. the only time the two are bound is when a delegatee is within the zone being delegated, so the delegator needs to insert a glue a rr. i run a very small registry for some cctlds. my scripts do specifically check that all servers to which a delegation is proposed are actually serving the zone, and will not delegate if they are not. i also check for 2182 compliance in a crude manner. i also check that the ns rrset held by the servers is that to which delegation is requested. i would gladly re-run the delegation checks against the zone files periodically. but i do not as i don't know what to do when (not if) i find lamers. it seems a bit drastic to just remove delegation. but i know from experience that email to the pocs will get no useful response. randy
- -- ============================================================================= Jeffrey I. Schiller MIT Network Manager Information Services and Technology Massachusetts Institute of Technology 77 Massachusetts Avenue Room W92-190 Cambridge, MA 02139-4307 617.253.0161 - Voice jis () mit edu ============================================================================ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDyXXb8CBzV/QUlSsRAh97AJ41jM/8ys9Bf3YT/nb7KpnwDuDyygCfXNqc xxfbv+A2ccN9mjLzzLo1N/o= =iKOl -----END PGP SIGNATURE-----
Current thread:
- Re: AW: Odd policy question., (continued)
- Re: AW: Odd policy question. David W. Hankins (Jan 13)
- Re: AW: Odd policy question. Randy Bush (Jan 13)
- Re: AW: Odd policy question. David W. Hankins (Jan 13)
- Re: AW: Odd policy question. Jeffrey I. Schiller (Jan 13)
- Re: AW: Odd policy question. Sean Donelan (Jan 13)
- Re: AW: Odd policy question. Joe Abley (Jan 13)
- Re: AW: Odd policy question. william(at)elan.net (Jan 13)
- Re: AW: Odd policy question. Martin Hannigan (Jan 13)
- Re: AW: Odd policy question. Jeffrey I. Schiller (Jan 14)
- Re: AW: Odd policy question. Randy Bush (Jan 14)
- Re: AW: Odd policy question. Jeffrey I. Schiller (Jan 14)
- Re: AW: Odd policy question. Randy Bush (Jan 14)
- Re: AW: Odd policy question. Jeffrey I. Schiller (Jan 14)
- Re: AW: Odd policy question. David W. Hankins (Jan 17)
- Re: AW: Odd policy question. Valdis . Kletnieks (Jan 14)
- Re: AW: Odd policy question. Joseph S D Yao (Jan 14)
- Re: AW: Odd policy question. Martin Hannigan (Jan 13)
- Re: AW: Odd policy question. Christopher L. Morrow (Jan 13)
- Re: AW: Odd policy question. Martin Hannigan (Jan 13)
- Re: AW: Odd policy question. Florian Weimer (Jan 14)