[dns-operations] SE and the value of having NS in more than one TLD
Andrew Sullivan
ajs at shinkuro.com
Wed Oct 14 14:38:24 UTC 2009
On Wed, Oct 14, 2009 at 03:17:12PM +0200, Calvin Browne wrote:
> Perhaps saying something like "If you're running a large TLD, and
> it is trivially possible to remove a dependency on one single zone file,
> you may wish to investigate doing so, because others have fallen into
> that trap before. Take care to balance the added complexity, and packet
> size etc into this equation."
This is just a trade-off. It moves the failure point from one
zone-generator to different operators having different failure modes.
(One of those failures is possibly that you can't reach them when Bad
Things Happen, because they're not your own staff.) In addition,
involving multiple operators can cause funny problems where one of the
operators has a serious lag in the version of the zone they're
publishing. Depending on your operational parameters, that might be a
big deal.
It is really a matter of judgement as to which of these trades results
in a better answer. I believe that competent experts in the field can
legitimately disagree about this matter, and I don't think we should
be too hasty in promoting different rules of thumb into strong advice
about what to do.
A
--
Andrew Sullivan
ajs at shinkuro.com
Shinkuro, Inc.
More information about the dns-operations
mailing list