Renumbering and the Feb 15-16 NANOG meeting

> I'd like to see a DNS xfer protocol that allowed secondaries to be
> completely updated from a master - ie, the master could send all types
> of updates to the secondary site - mater ip address, domains to handle, etc. a secondary DNS server would be told by another which primaries it
should trust? Sounds like trouble to me. As does allowing remote

Sounds like a lot less trouble than giving someone root on my machine
because I don't want to be bothered everytime he starts providing
service for another domain.

Obviously it should have various authentication and access control

I agree that this is probably a new protocol.

If this is that often, perhaps he should be doing his own secondary DNS.
Or you could set up an automated system (perhaps with a user-friendly WWW
interface?) that authenticates username/password pairs and makes
controlled changes. Dunno about you, but I wouldn't trust my DNS
configuration to very many of our customers, authenticated or no.

Even if you do allow others to make changes, there's no reason why superuser
access is required make changes to the bootfile.

// Matt Zimmerman Chief of System Management NetRail, Inc.
// (703) 524-4800 [voice] (703) 524-4802 [data] (703) 534-5033 [fax]

Even if you do your own secondary DNS, you still should have off-site
backups 'just in case'.

/cah, and as such a backup there doesn't seem to be serving much
purpose. In the two most probable scenarios of unreachability:

1. has connectivity problems with the world: The "backup" servers
   aren't reachable either.
2. Customer has connectivity problems with The hosts to be
   resolved probably aren't reachable anyway.

When it is necessary to maintain a backup nameserver on a network
administered by someone else, and frequent changes are required for
maintenance of said nameserver, a system would be necessary to oversee
such changes. I don't think that this situation is widespread enough to
justify standardization. Most of our customers here have one or two
domains, and rarely, if ever, add more (excepting the in-addr hierarchy,
but since we assign them address space anyway, we can't unload that part
of the duty).

// Matt Zimmerman Chief of System Management NetRail, Inc.
// (703) 524-4800 [voice] (703) 524-4802 [data] (703) 534-5033 [fax]