[dns-operations] auth servers in different TLDs
markjr at easydns.com
Tue Apr 17 14:39:18 UTC 2018
Frederico A C Neves wrote:
>> And this,
>> easydns.com. 600 IN NS dns4.easydns.info.
>> easydns.com. 600 IN NS dns1.easydns.com.
>> easydns.com. 600 IN NS dns2.easydns.net.
>> easydns.com. 600 IN NS dns3.easydns.org.
As has been pointed out, it's a trade off, and in practical terms the
odds of a major TLD like .COM going down are remote.
But I always tend to err on the side of redundancy. I call this type of
approach "TLD redundancy" in the f***ing book (which is now, finally,
coming out on Packt, this year, thank gawd).
One of the technical reviewers of an earlier draft noted that adding
redundancy also increases the attack surface, which I've incorporated
into the text.
>From experience I've seen more outages and carnage from "eggs in one
basket" than I have from enlarged attack surface, but maybe I'm just not
seeing the full spectrum of the latter.
Mark Jeftovic <markjr at easydns.com>
Founder & CEO, easyDNS Technologies Inc.
More information about the dns-operations