[dns-operations] requirements for TLD servers

Florian Weimer fweimer at bfk.de
Tue Mar 23 11:48:40 UTC 2010

* Alexander Mayrhofer:

> Have you looked at the new gTLD documents yet? Those are requiring 100%
> uptime for the "service" (defined as at least 2 out of the set of
> authoritative nameserver ip addresses have service), *plus* 99.9% of
> uptime for each and every ip address per month (which is 43 minutes of
> outage). 
> Those SLAs *include* everything, even planned maintenance - and
> essentially mean that you must create an anycast-only nameserver network
> (because otherwise a single DDoS attack of more than 43 minutes against
> a single server would put you at risk of losing the gTLD contract with

Anycast doesn't solve this issue.  If the attack source is
sufficiently close to the point(s) of measurement, you'll still see an

Florian Weimer                <fweimer at bfk.de>
BFK edv-consulting GmbH       http://www.bfk.de/
Kriegsstraße 100              tel: +49-721-96201-1
D-76133 Karlsruhe             fax: +49-721-96201-99

More information about the dns-operations mailing list