[dns-operations] Unplanned DLV zone outage on 2009-Apr-06

Joe Abley jabley at hopcount.ca
Tue Apr 7 15:22:45 UTC 2009

On 7-Apr-2009, at 06:40, Lutz Donnerhacke wrote:

> * David Conrad wrote:
>> way, but as you yourself so frequently point out, the root servers  
>> are
>> independently run and there are a bunch of them with their own
>> policies and processes whereas DLV is run by ISC only.
> There are other DLV providers. You can choose. Please stop throwing  
> FUD on
> ISC's activities.

I tried to track down the answers to the following by reading  
documentation, but I failed (which probably has more to do with me  
than the documentation).

I also don't know of a DLV registry other than ISC's, so it's  
difficult to find answers by experimentation. I guess I could set up  
and host my own DLV zone.

Can you configure multiple DLV zones on an unbound or BIND9 validator?  
What's the behaviour in the case that data exists in just one DLV  
zone, and what's the behaviour if multiple DLV zones contain different  
data? What about if one DLV zone is inaccessible, but others aren't?

If you can't configure more than one DLV zone, then surely the single  
point of failure does indeed exist, despite the fact that you get to  
choose the SPOF your validator depends on.


More information about the dns-operations mailing list