[dns-operations] requirements for TLD servers
Florian Weimer
fweimer at bfk.de
Tue Mar 23 11:48:40 UTC 2010
* Alexander Mayrhofer:
> Have you looked at the new gTLD documents yet? Those are requiring 100%
> uptime for the "service" (defined as at least 2 out of the set of
> authoritative nameserver ip addresses have service), *plus* 99.9% of
> uptime for each and every ip address per month (which is 43 minutes of
> outage).
>
> Those SLAs *include* everything, even planned maintenance - and
> essentially mean that you must create an anycast-only nameserver network
> (because otherwise a single DDoS attack of more than 43 minutes against
> a single server would put you at risk of losing the gTLD contract with
> ICANN).
Anycast doesn't solve this issue. If the attack source is
sufficiently close to the point(s) of measurement, you'll still see an
outage.
--
Florian Weimer <fweimer at bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
More information about the dns-operations
mailing list