[dns-operations] Shameless plug for our Zonecheck software (Was: af.mil DNS issue
John Payne
john at sackheads.org
Mon Jul 3 20:38:35 UTC 2006
On Jul 3, 2006, at 3:58 PM, Stephane Bortzmeyer wrote:
> On Sat, Jul 01, 2006 at 08:38:11PM -0700,
> John Payne <john at sackheads.org> wrote
> a message of 52 lines which said:
>
>> TTBOMK $employer has never supported 53/tcp and as nobody has
>> complained about it,
>
> <old_timer> I'm very skeptical about such claims. We all know (or
> should know) that many people never complain or, more exactly, never
> complain to *you* - but do report the hassles to their colleagues,
> friends, etc. The fact that they never filled in the Web form "Report
> a problem" is no proof to me. </old_timer>
Let's just be very clear that I'm not talking FOR my employer at this
point...
but if it was more than a significant minority that relied on TCP
queries I am
very confident that we would have heard about it by now. My employer
has
a lot of customers with very high profile websites. I was looking
for publically
released numbers, but I can't find any right now.... but the numbers
of hits/sec
are VERY large... and the TTLs to our A records are very low.
> <Unix_dinosaur> Most people are not able to diagnose "random" DNS
> problems and to identify the lack of TCP as the root of the
> problem. <Unix_dinosaur>
That's probably because in my experience, the lack of TCP is NEVER the
root of the problem.
>
>> Every once in a blue moon we get a "why can't we transfer our .fr
>> zone to your servers?" but that's about it.
>
> So, nobody complains but sometimes someone complains?
Nobody complains about the lack of TCP.
Sometimes people complain that they can't transfer a .fr zone to our
servers.
Two different complaint paths, related only in AFNIC's demand for TCP.
> We sometimes (I did not check the moon at these times) have "dialogues
> of the deafs" problems with customers who use a DNS hoster.
>
> AFNIC: you should enable TCP/53
> Customer: my DNS provider does not want to
> AFNIC: you're his customer, ask him
> Customer: he does not want, he says DNS work without TCP/53
> AFNIC: can we get in touch directly with them to explain?
> Customer: do you speak english? Because I don't and I don't
> understand them
I think the problem in that chain starts with:
AFNIC: you should enable TCP/53
More information about the dns-operations
mailing list