|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Just got on this thing (perhaps very belatedly) - root server trouble?
In <[email protected]>, Karl Denninger <[email protected]> wrote: > > And shouldn't "root servers" have recursive queries turned off?: > > Until VERY recently they weren't on the existing roots. And, by the way, > while we're talking about that, what is this about hosting the 800,000-some- > odd NSI domains on the roots? Nice dodge. But you do then admit to having recursion available on your "new improved r00t [email protected]" for several months, until someone else pointed it out to you? "They did the same thing a while back!" isn't an acceptable answer. (I don't even think it's true. I haven't seen a recursive query answered via a root nameserver since I started actively doing DNS administration over a year ago.) Even if that is so, you shouldn't have made the same mistake, especially *after* the operators of the IANA root servers corrected the misconfiguration. > The point at hand, though, is that we haven't had *any* operational incidents > since eDNS was launched that could be in any way traced to the other root > servers. None at all. > > Meanwhile, there have been several service-affecting issues on the > IANA-sponsored roots in the same time frame. I haven't seen any problems because of these supposed "service-affecting issues". Perhaps you should check the quality of your network connectivity? > What was that edict again? "Rough consensus and operational code"? We > certainly do seem to have that. The code's fine; it just appears you don't know how to configure it correctly. Try reading the BIND Operations Guide (BOG) next time; it says explicitly that the root nameservers should run with "options no-recursion". -- Michael Handler <[email protected]> Washington, D.C. - - - - - - - - - - - - - - - - -
|