North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: TLD operations change

  • From: Sean Donelan
  • Date: Tue Aug 01 20:06:57 2000

>> Effective zone serial number 2000080101, (
>> will no longer be authoritatively answering for com, net, org.  In its place
>> ( will be added as an authoritative server
>> for com, net, org.  
> So much for O/S and hardware genetic diversity.

Apparently my comment was a bit too cryptic.

I was referring to the NSI program of NSI buying a set of identical hardware
and acting as the sole operator of the machines serving as the GTLD zone
servers. Although the NSI Registry web site confusingly indicates the root
zone servers are supporting the .com, .net and .org rather than the GTLD

  "The Registry DNS Programs Office is the business owner of the DNS (Domain
   Name System) root name servers supporting the .com, .net, and .org domains."

I agree its a good idea to seperate the operation of the root name servers and
the .com, .net and .org zone zervers.  I disagree with the method NSI used
to do this.

A much safer method, somewhat similar to how pension funds choose fund
managers, would have been to hire independent operators with different
management styles instead of NSI acting as the sole operator of all the
GTLD zone servers.  Each independent operator would make their own choice
of hardware, software, and procedures to meet the functional requirements.
Ideally they would choose a variety of different methods.  Just like you
don't want all of your pension fund managers investing in the most risky
stocks, you don't want all your operators choosing the most bleeding edge
systems.  On the other hand, you don't want only conservative operators
because they will be using machines so far behind the power curve you
won't make it until next week.  It would avoid a problem, such as a bug
in a single version of IBM equipment or a bad procedure call by one of
the operators being replicated by all the operators at the same time.

If NSI doesn't like "volunteers" (although it should be noted that several
of the current root zone "volunteers" are in fact older, more established
organizations than NSI and some provide a lot more protection than NSI
provides for its own facilities) NSI could have funded (grants, contracts,
even a cooperative agreement) several independent operators instead of
trying to act as the operator itself.  Of course, then NSI might have to
worry about one of the folks it signed a cooperative agreement trying
to claim it owned the zone files NSI hired it to act as an operator for :-)

I'm normally opposed to "outsourcing" but in this case outsourcing makes
a lot of sense.  NSI being the business owner of *ALL* the machines serving
the GTLD zone files doesn't make a lot of sense.

My basic objection is using a set of identically configured hardware
and software managed by a single operation for a "distributed" system.