[dns-operations] auth servers in different TLDs

Mark Jeftovic markjr at easydns.com
Tue Apr 17 14:39:18 UTC 2018

Frederico A C Neves wrote:

>> And this,
>> easydns.com.            600     IN      NS      dns4.easydns.info.
>> easydns.com.            600     IN      NS      dns1.easydns.com.
>> easydns.com.            600     IN      NS      dns2.easydns.net.
>> easydns.com.            600     IN      NS      dns3.easydns.org.

As has been pointed out, it's a trade off, and in practical terms the
odds of a major TLD like .COM going down are remote.

But I always tend to err on the side of redundancy. I call this type of
approach "TLD redundancy" in the f***ing book (which is now, finally,
coming out on Packt, this year, thank gawd).

One of the technical reviewers of an earlier draft noted that adding
redundancy also increases the attack surface, which I've incorporated
into the text.

>From experience I've seen more outages and carnage from "eggs in one
basket" than I have from enlarged attack surface, but maybe I'm just not
seeing the full spectrum of the latter.

- mark

Mark Jeftovic <markjr at easydns.com>
Founder & CEO, easyDNS Technologies Inc.

More information about the dns-operations mailing list