North American Network Operators Group


Re: QWest is having some pretty nice DNS issues right now

  • From: Christopher L. Morrow
  • Date: Mon Jan 09 13:20:34 2006

On Mon, 9 Jan 2006 [email protected] wrote:

> On Mon, Jan 09, 2006 at 05:30:12PM +0000, Christopher L. Morrow wrote:
> >
> > On Mon, 9 Jan 2006, Simon Waters wrote:
> >
> > >
> > > On Saturday 07 Jan 2006 02:54, you wrote:
> > > >
> > > > While it's tempting to make fun of Qwest here, variations on this theme -
> > >
> > > I do agree the management issues with DNS are far harder, and here longer TTL
> > > are a double-edged sword. But it is hard to design a system where the
> > > mistakes don't propagate to every DNS server, although some of the common
> > > tools do make it easier to check things are okay before updates are unleashed.
> >
> > What's interesting to me, at least, is that this is about the 5th time
> > someone has said similar things in the last 6 months: "DNS is harder than
> > I thought it was" (or something along that line...)
> >
> > So, do most folks think:
> > 1) get domain-name
> > 2) get 2 machines for DNS servers
> > 3) put ips in TLD system and roll!
> >
> > It seems like maybe that is all too common. Are the 'best practices'
> > documented for Authoritative DNS somewhere central? Are they just not well
> > publicized? Do registrars offer this information for end-users/clients? Do
> > they show how their hosted solutions are better/works/in-compliance-with
> > these best practices? (worldnic comes to mind)
> >
> > Should this perhaps be better documented and presented at a future NANOG
> > meeting? (and thus placed online in presentation format)
> >
> > -Chris
>
> 	IETF tech transfer failure...  see RFC 2870 (mislabeled as
> 	root-server) for TLD zone machine best practices from several
> 	years ago... for even older guidelines ... RFC 1219.

Perhaps this falls under: "better documented" or "easy to find" or "not
publicized" ? I'd be interested to see how many DNS hosting providers
actually follow these themselves. Take EasyDNS for example (since they are
on my mind, due to their GOOD service actually):

easydns.com.    3600    NS      ns1.easydns.com.
easydns.com.    3600    NS      ns2.easydns.com.
easydns.com.    3600    NS      remote1.easydns.com.
easydns.com.    3600    NS      remote2.easydns.com.
NS1.easydns.com.        3600    A       216.220.40.243
NS2.easydns.com.        29449   A       209.200.151.4
remote1.easydns.com.    29434   A       209.200.131.4
remote2.easydns.com.    29428   A       205.210.42.20

CIDR:       205.210.42.0/24
NetName:    SHMOOZE-NET
prolexic/Prime Communications Ltd. DONBEST (NET-209-200-131-0-1)
                                  209.200.131.0 - 209.200.131.255
NetRange:   216.220.32.0 - 216.220.63.255
CIDR:       216.220.32.0/19
NetName:    Q9-NET1
NetRange:   209.200.128.0 - 209.200.191.255
CIDR:       209.200.128.0/18
NetName:    PROLEXIC

So, 4 ips, 3 ISPs, 3 route objects... they seem to at least follow some of
the requirements.

-Chris
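
The manual check in the message above (map each name server address to its covering allocation and count distinct networks) can be scripted. This is an added example, not part of the original post; the function names and the `min_blocks` threshold are assumptions, and the records and CIDR/NetName pairs are copied from the message.

```python
import ipaddress
from collections import defaultdict

# Copied from the message above: glue A records and the whois CIDR/NetName pairs.
RECORDS = """\
NS1.easydns.com.        3600    A       216.220.40.243
NS2.easydns.com.        29449   A       209.200.151.4
remote1.easydns.com.    29434   A       209.200.131.4
remote2.easydns.com.    29428   A       205.210.42.20
"""
ALLOCATIONS = {
    "205.210.42.0/24": "SHMOOZE-NET",
    "216.220.32.0/19": "Q9-NET1",
    "209.200.128.0/18": "PROLEXIC",
}

def parse_a_records(text):
    """Return {hostname: IPv4Address} from 'name TTL A address' lines."""
    out = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 4 and fields[2].upper() == "A":
            out[fields[0].lower()] = ipaddress.ip_address(fields[3])
    return out

def covering_block(addr, allocations):
    """Longest-prefix match of addr against the known allocations, or None."""
    nets = [ipaddress.ip_network(c) for c in allocations]
    hits = [n for n in nets if addr in n]
    return max(hits, key=lambda n: n.prefixlen, default=None)

def diversity_report(records_text, allocations, min_blocks=2):
    """Group name servers by covering block; min_blocks is an assumed threshold."""
    groups = defaultdict(list)
    for host, addr in parse_a_records(records_text).items():
        block = covering_block(addr, allocations)
        name = allocations[str(block)] if block else "UNKNOWN"
        groups[name].append(host)
    known = [g for g in groups if g != "UNKNOWN"]
    return dict(groups), len(known) >= min_blocks

if __name__ == "__main__":
    groups, ok = diversity_report(RECORDS, ALLOCATIONS)
    for name, hosts in sorted(groups.items()):
        print(f"{name:12} {', '.join(sorted(hosts))}")
    print("diverse" if ok else "single network: one outage takes out all name servers")
```

Two of the four servers land in the same PROLEXIC /18, which is why four addresses reduce to three networks.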