Re: Facebook post-mortems...

[Mark Tinka <mark@tinka.africa>]

On 10/5/21 14:52, Joe Greco wrote:

> That's not quite true.  It still gives much better clue as to what is
> going on; if a host resolves to an IP but isn't pingable/traceroutable,
> that is something that many more techy people will understand than if
> the domain is simply unresolvable.  Not everyone has the skill set and
> knowledge of DNS to understand how to track down what nameservers
> Facebook is supposed to have, and how to debug names not resolving.
> There are lots of helpdesk people who are not expert in every topic.
>
> Having DNS doesn't magically get you service back, of course, but it
> leaves a better story behind than simply vanishing from the network.

That's great for you and me who believe in and like troubleshooting.

Jane and Thando who just want their Instagram timeline feed couldn't 
care less about DNS working but network access is down. To them, it's 
broken, despite your state-of-the-art global DNS architecture.

I'm also yet to find any DNS operator who makes deploying 3rd party 
resiliency to give other random network operators in the wild 
troubleshooting joy their #1 priority for doing so :-).

On the real though, I'm all for as much useful redundancy as we can get 
away with. But given just how much we rely on the web for basic life 
these days, we need to do better about making actual services as 
resilient as we can (and have) the DNS.

Mark.