nanog mailing list archives
Re: QWest is having some pretty nice DNS issues right now
From: Simon Waters <simonw () zynet net>
Date: Tue, 10 Jan 2006 09:12:55 +0000
On Monday 09 Jan 2006 21:26, Christopher L. Morrow wrote:
On Mon, 9 Jan 2006, Randy Bush wrote:It seems like maybe that is all too common. Are the 'best practices' documented for Authoritative DNS somewhere central?2182yes, yes.. people who care (a lot) have read this I'm sure... I was aiming a little lower :) like folks that have enterprise networks :) Or, maybe even registrars offering 'authoritative dns services' like say 'worldnic' who had most of their DNS complex shot in the head for 3 straight days :(
It is the old story of ignorance and cost, plus with DNS a "perceived loss of control". In the UK many domains are registered with a couple of the cheapest providers, who do not do off network DNS, and in the past one offered non-RFC compliant mail forwarding as a bonus. I've seen people switch the DNS part of a hosting arrangement to these guys to save about 10 USD a year. Of course people competing at those sort of price levels offer practically no service component, so even if nothing dreadful happens it still turns into a false economy. It reminds me of the firewall market, when the average punter had no idea how to assess the "security" aspects of a firewall, and so firewall vendors ended up pushing throughput, and price, as the major selling points. I know people who bought firewalls capable of handling 160Mbps of traffic, who still have it filtering a 2Mbps Internet connection, badly. By and large the big ISPs do a good job with DNS, the end users do a terrible job. I think once you get to the size where you need a person (or team) doing DNS work fulltime, it probably gets a lot easier to do it right. Perhaps I should dust off my report on the quality of DNS configurations in the South West of England, and turn it into a buyers guide? That said I don't think doing DNS right is easy. I know pretty much exactly what my current employer is doing wrong, but these failures to conform to best practice aren't as much of a priority as the other things we are doing wrong. At least in our case it is done with knowledge of what can (and likely will eventually) go wrong.
Current thread:
- Re: QWest is having some pretty nice DNS issues right now, (continued)
- Re: QWest is having some pretty nice DNS issues right now Andy Davidson (Jan 08)
- Re: QWest is having some pretty nice DNS issues right now Martin Hannigan (Jan 08)
- Re: QWest is having some pretty nice DNS issues right now Simon Waters (Jan 09)
- Re: QWest is having some pretty nice DNS issues right now Christopher L. Morrow (Jan 09)
- Re: QWest is having some pretty nice DNS issues right now bmanning (Jan 09)
- Re: QWest is having some pretty nice DNS issues right now Valdis . Kletnieks (Jan 09)
- Message not available
- Re: QWest is having some pretty nice DNS issues right now Christopher L. Morrow (Jan 09)
- Re: QWest is having some pretty nice DNS issues right now Michael Loftis (Jan 09)
- Re: QWest is having some pretty nice DNS issues right now Randy Bush (Jan 09)
- Re: QWest is having some pretty nice DNS issues right now Christopher L. Morrow (Jan 09)
- Re: QWest is having some pretty nice DNS issues right now Simon Waters (Jan 10)
- Re: QWest is having some pretty nice DNS issues right now bmanning (Jan 09)
- Message not available
- Re: QWest is having some pretty nice DNS issues right now Simon Waters (Jan 10)