a message of 28 lines which said:
I know few registry/registrars which do not accept both (or all)
name servers of domain name on same subnet.
Since my employer is one of these registries, let me mention that I
fully agree with David Conrad here.
a message of 42 lines which said:
I am building redundancy within that setup. I mean it will be
software based BGP so if hardware if fried up, it will break BGP
session and pull off routes anyway and for cases like DNS server
(software) failure, I will monitor it via simple bash script which
can turn bgp daemon down.
You will address *some* failure modes with this setup but not
all. Again, see David Conrad's examples of a fat finger adding your
prefix in a route-map.
How does your employer know if two nameservers (two IP addresses) are
on the same subnet?
-- Brett
Registrars are still rocking classful routing like its 1993.
As long as they are covered by the same BGP anouncement they are
NOT redundant. It shouldn't be that hard for registrars to take a
full bgp feed and use it to validate. If it's in the same /24 for
IPv4 it may as well be in the same subnet even if you have smaller
subnets internally. The world only listens to the one announcement.
For those of you who thing that if your net is down you don't need
to be able to respond to DNS requests, the DNS is not designed to
handle non reachable zones. It's designed to handle some of the
nameservers for a zone being unreachable.
Mark
a message of 15 lines which said:
How does your employer know if two nameservers (two IP addresses) are
on the same subnet?
The current heuristic for IPv4 is "belongs in the same /28" (and /64
for IPv6). Otherwise, Mark Andrews is right, we should use a BGP feed
but it would be complicated for a command-line tool.