[dns-operations] GSLB options?
Michael Sinatra
michael at rancid.berkeley.edu
Thu Oct 29 03:01:06 UTC 2009
On 10/28/09 14:57, Roland Dobbins wrote:
> Nor can operationally useful GSLB be achieved merely by manipulating
> DNS, either, as you also wisely imply (and have said elsewhere many
> times in the past, heh); that's another huge misconception surrounding
> GSLB, that one can simply play around with DNS alone and be good to go.
> It's much more complex than that.
Have any of the GSLB implementations been able to implement DNSSEC or is
it on the roadmap? Considering that they selectively return different A
records for queries and those answers typically have very low ttls, such
RRs are arguably more susceptible to various cache-poisoning methods. I
think Paul has made this point in the past; is anyone doing anything
about it?
More information about the dns-operations
mailing list