[dns-operations] Reporting glue as authoritive data -- Bug!

Edward Lewis Ed.Lewis at neustar.biz
Thu Jan 31 15:20:06 UTC 2008

At 4:58 +0000 1/31/08, Paul Vixie wrote:

>plenty of delegation-only domains including TLD's are served by all-BIND9,
>and so would already have hit this problem if it were still a problem.

I don't agree with that logic.

 From my perspective there are two cases in which I have seen hybrids. 
I've described them before, now I'll call them the ARPA one and the 
Ultra one.

The ARPA one I know full well, it was a unique case of ARPA-NET-COM 
interrelations.  Other TLDs might have a few cases of this double 
side step, but it ARPA is rife with it.  Because this hits NET and 
COM, Verisign's ATLAS is pretty well justified in using hybrids.  And 
it might be that is it the only place they are needed.  My point 
being, it might be that this is a problem unique to what COM and NET 
see - or more accurately - have seen (in the past).

The Ultra one I frankly know less well, I have just a few comments 
internally to go on.  There are so many unknowns it might be that 
Ultra is another special case.  The tipping issue now is, can I 
convince the managers to take a look into removing hybrids or 
justifying the continuance of hybrids?  If you have ever worked in a 
service providing operation you will understand the steps to do this. 
If you haven't and think it is easy, I invite you to walk a bit in my 
shoes.  (I want to stress this is not something unique to my 
employer, I learned the dynamics many organizations ago and have seen 
the dynamics in varying degrees every where I've been since.)

OTOH, you might be right.  The question is, what should be done about 
it.  I'll address that in a different response (to Lutz's following 

Edward Lewis                                                +1-571-434-5468

Think glocally.  Act confused.

More information about the dns-operations mailing list