[dns-operations] .MW inconsistent zone updates?
Phil Regnauld
regnauld at nsrc.org
Thu Jun 25 10:56:32 UTC 2015
Stephane Bortzmeyer (bortzmeyer) writes:
> It has always been our policy (and, I believe, the one of the majority
> of DNS operators), that responsability and monitoring belongs to the
> _master_. If a secondary of .fr lags behind, it is _our_ role and
> responsability to detect it and to solve it (warning the secondary,
> retiring the secondary from the NS RRset, etc).
+1.
> If a secondary we host
> for .example lags behind, it is not up to us to notice, but to the
> .example managers.
To be picky: If the _zone_ .example hosted on a server which acts as
secondary, managed by you, lags behind, it is not up to you to notice :)
> A recent example was the break of isoc.org and internetsociety.org. A
> secondary name server was behind and served expired signatures. IMHO,
> the fault is 100 % on the ISOC side: they should monitor their own
> zones.
Absolutely.
Cheers,
Phil
More information about the dns-operations
mailing list