[dns-operations] Update: FreeBSD and the slaving of the root zone

Doug Barton dougb at dougbarton.us
Thu Aug 2 21:27:02 UTC 2007 

Paul Vixie wrote:
>> 3. Remove the B and F root servers from the example at the request of
>>    their operators.
> 
> F did not request such.  doug asked the wrong question and misinterpretted
> my answer. 

This is part of what I put in the e-mail to the operators of the
axfr'able servers:

Therefore I'm writing to first offer an apology if you feel
that this was inappropriate, and second to ask if you would prefer
that I remove your server from our default named.conf. Please also let
me know if your preference would be to not have your server listed if
slaving the zones is a commented out option, and the traditional hint
zone is used by default instead.

I freely confess that I didn't understand your answer, so I erred on
the side of caution.

> if this stupid thing is to be done at all, then it would be even
> more stupid to do it without F.

This is actually more clear than your other answer, thanks.

Paul already knows this, but FYI because the option is currently
commented out I'm planning to queue changes to the file until either I
get answers from all 5 operators (I have 3 so far) or we get closer to
the final lockdown for 7.0-RELEASE. Of course in an ideal world we'd
have a better solution in place by then, but I won't hold up fixing
the conf file for that.

>> I hope that we can now dial down the volume on the meta-issue of how
>> the change was done, and focus on the operational issues of whether
>> it's a good idea or not.
> 
> is that a late apologia?

Well, apologia and apology aren't the same thing, which I point out
only because I spent a lot of time in school doing apologetics and
really hate misuse of that term. http://en.wikipedia.org/wiki/Apologia

If you're asking whether I'm apologizing or not, I've already
apologized privately to the operators of the 5 axfr'able servers, and
stated publicly here that I'm sorry I stepped on people's toes
regarding the issue of TCP not being open for all uses.

I also think it's clear that regardless of the merits (or lack
thereof) of the idea, I violated community expectations in how the
change was made (something for which I seem to have a singular talent)
and for that I am also sorry, in particular regarding people's
expectations of how FreeBSD goes about things.

hth,

Doug

-- 
    If you're never wrong, you're not trying hard enough

More information about the dns-operations mailing list