RE: How (un)common is lack of DNS server diversity?

From: woods@weird.com [mailto:woods@weird.com]
Sent: Saturday, January 27, 2001 3:38 PM

[ On Saturday, January 27, 2001 at 14:40:39 ( -0800), Roeland Meyer wrote: ]
> Subject: RE: How common is lack of DNS server diversity?
>
> Then, how do you intelligently talk about the other entities I bring up?

An "authoritative nameserver" is, well, an authoritative nameserver.
Nothing more, nothing less. If it's registered (in the parent zone, or
the root cache/hints file in the case of a top level zone) but it's not
actually answering authoritatively (but it is answering) then it's
considered to be "lame".

Actually, in /bind/contrib, there are programs to chase down and email
hostmaster of lame servers. They are considered not-acceptable. BIND also
err-logs these, explicitly.

Everything else describes the relationship of the zone to the root
(eg. "top level domain", "second level domain", etc.).

People who want to ascribe some meaning to who's responsible for shared
top (or sometimes second) level zones talk about "global top level
domains" and "country code top level domains" or maybe "second level
country code domains", though none of these descriptions are technically
meaningful in any way whatsoever -- they simply ascribe administrative
descriptions to ordinary top level (or maybe second level) domain names.

What more could you possibly need!?!?!?!?

That's overly simplistic. Put a recursive SLD server up and see how fast the
cache gets munged.

The only confusing terms that have been used repeatedly everywhere and
by most everyone at one time or another are "primary" and "secondary"
nameservers (especially when they give the impression that there's only
one "secondary" nameserver). The new BIND documentation suggests the
much better terms "master" and "slave". There's only one master, and it
might not even be registered or visible (though BIND's named will
complain if the master listed in the SOA isn't also listed as one of the
NS records). There can be many slaves, and not all of them need to be
registered or visible either. Both the master and all of the slaves
will always answer authoritatively (at least to anyone who can reach
them and who they permit to query them). Either way if they're listed
in publicly visible NS records, either in their parent zone, or within
the zone, they'd damn well better answer authoritatively!

Agreed.

This is not rocket science -- it's very very very simple stuff! Anyone
comfortable with keeping lists of things and understanding hierarchical
relationships between those lists can do DNS in their sleep once they
learn a half dozen very simple rules.

I can almost agree. But the existence proof against this point is the ICANN.

I believe the reason that Internet DNS is in such a sorry state is
literally because it is so boringly simple yet particular about the tiny
details that only an accountant-type personality would care about. We
need more accountants to do the DNS! :-)

Interesting that you bring up accountancy, there is a fair amount of $$$
involved here.
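
The "lame" test and the SOA-master-in-NS check described in this message, as an added example that is not part of the original post or of BIND's contrib tools: it reads the AA bit from the raw header of each delegated server's reply to an SOA query. The server names, the `classify`/`audit` helpers and the reply bytes are constructed for illustration.

```python
import struct

QR, AA, RCODE_MASK = 0x8000, 0x0400, 0x000F   # DNS header flag bits (RFC 1035)

def classify(reply):
    """Classify one delegated server from its raw reply to an SOA query."""
    if reply is None:
        return "unreachable"        # silent, so not "lame" in the sense used above
    if len(reply) < 12:
        return "malformed"
    _id, flags = struct.unpack("!HH", reply[:4])
    if not flags & QR:
        return "malformed"          # that is a query, not a response
    if (flags & AA) and (flags & RCODE_MASK) == 0:
        return "authoritative"
    return "lame"                   # answering, but not authoritatively

def audit(delegated_ns, replies, soa_mname):
    """Return per-server status plus whether the SOA master is in the NS set."""
    status = {ns: classify(replies.get(ns)) for ns in delegated_ns}
    return status, soa_mname in delegated_ns

def hdr(flags):
    """Constructed 12-byte header: id, flags, QD=1, AN=1, NS=0, AR=0."""
    return struct.pack("!6H", 0x1234, flags, 1, 1, 0, 0)

# Constructed sample data; names and replies are hypothetical.
NS_SET = ["ns1.example.com", "ns2.example.com",
          "ns3.example.com", "ns4.example.com"]
REPLIES = {
    "ns1.example.com": hdr(0x8400),   # QR|AA, NOERROR
    "ns2.example.com": hdr(0x8180),   # QR|RD|RA, no AA: answer from cache
    "ns3.example.com": hdr(0x8005),   # QR, REFUSED
    "ns4.example.com": None,          # timeout
}

if __name__ == "__main__":
    status, listed = audit(NS_SET, REPLIES, "ns0.example.com")
    for ns, s in status.items():
        print(f"{ns:18} {s}")
    print("SOA master listed in NS set:", listed)
```
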