[dns-operations] Hearing first complains about failing internal resolving due to .prod TLD

Paul Hoffman paul.hoffman at vpnc.org
Mon Sep 15 18:21:25 UTC 2014

On Sep 15, 2014, at 10:00 AM, Wessels, Duane <dwessels at verisign.com> wrote:

> On Sep 11, 2014, at 6:12 PM, Paul Hoffman <paul.hoffman at vpnc.org> wrote:
>> On Sep 11, 2014, at 4:27 PM, Paul Vixie <paul at redbarn.org> wrote:
>>> for the time being, and perhaps for a long time to come, the
>>> people who call the presence of .PROD a bug and/or depend on its absence
>>> as a feature, outnumbers and will outnumber the people who call it a
>>> feature or who will call its absence a bug.
>> How do you measure that? This is a serious question, one that affects DNS operators. If you have a way of determining how many enterprises are negatively affected as a new gTLD rolls out, that would be very useful information.
> ICANN chose to not require logging for controlled interruption, so measuring
> it like that will be difficult.  However, enterprises can make their own
> measurements.

Both are true.

> Over the weekend I updated dnstop[1] so that it will show queries for names
> in the new gTLDs.  An enterprise or other organization that depends on
> not-fully-qualified names internally may want to run dnstop with this
> filter to see if they are leaking queries and relying on NXDOMAIN responses.
> e.g.,
>  $ sudo dnstop -f new-gtlds eth0
> DW
> [1] http://dns.measurement-factory.com/tools/dnstop/

Excellent! Of course, the likelihood of any of them doing that is nearly zero, but it would be grand if they did. Maybe try to get this into the Verisign Twitstream.

--Paul Hoffman

More information about the dns-operations mailing list