Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: External (not in the same domain) name server

  • From: David A. Ulevitch
  • Date: Wed Mar 03 00:29:53 2004


<quote who="Randy Bush">
>
>> And for what operational benefit?  Removal of the record(s)
>> certainly wouldn't be appropriate
>
> why not?  what is the use of a zone that is not being served?

  A query not being answered to you or the verifier is not the same thing
as a zone not being served.  (I would also assume that a failed check
would result in the zone being perhaps "queued" for more re-testing or
asking the netop to autoack something.)

I still don't see the operational benefit in removing these records. 
(Checking them could be worthwhile (see below), but removing them...why?)

<quote who="Tim Wilde">
>
> You mean http://www.cymru.com/DNS/lame.html ?
> Team Cymru have been doing
> that for ages.  Doesn't actually force the issue anywhere, but it does get
> checked and published, using contributed resolver logs.

Three comments:
1) I think there is some operational value in tracking this data for the
in-addr.arpa tree but less benefit to getting this data for general
forward nameservice (except maybe to people like you and me).

2) For Cymru's page to be of much benefit it needs a lot more resolver
contributions.  If some large, end-user ISPs submitted data it would
become much more useful.  The problem (in getting data) with this project
is that the people who submit are not necessarily the people who benefit
which provides less incentive for sysops to participate.

3) With this data published someone could check the list for lame
delegations and come to our site and setup those domains and begin using
them.  This could be used by spammers and other sludge to "borrow"
domains.  A solvable problem but one which would become substantially
easier if there was a comprehensive list of lame delegations that could be
correlated with third-party dns services.

-davidu

----------------------------------------------------
  David A. Ulevitch - Founder, EveryDNS.Net
  Washington University in St. Louis
  http://david.ulevitch.com -- http://everydns.net
----------------------------------------------------




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.