[dns-operations] requirements for TLD servers

Florian Weimer fweimer at bfk.de
Tue Mar 23 11:48:40 UTC 2010


* Alexander Mayrhofer:

> Have you looked at the new gTLD documents yet? Those are requiring 100%
> uptime for the "service" (defined as at least 2 out of the set of
> authoritative nameserver ip addresses have service), *plus* 99.9% of
> uptime for each and every ip address per month (which is 43 minutes of
> outage). 
>
> Those SLAs *include* everything, even planned maintenance - and
> essentially mean that you must create an anycast-only nameserver network
> (because otherwise a single DDoS attack of more than 43 minutes against
> a single server would put you at risk of losing the gTLD contract with
> ICANN).

Anycast doesn't solve this issue.  If the attack source is
sufficiently close to the point(s) of measurement, you'll still see an
outage.

-- 
Florian Weimer                <fweimer at bfk.de>
BFK edv-consulting GmbH       http://www.bfk.de/
Kriegsstraße 100              tel: +49-721-96201-1
D-76133 Karlsruhe             fax: +49-721-96201-99



More information about the dns-operations mailing list