Re: Transitioning IETF DNS services

To: Brian Dickson <briand at ca.afilias.info>
Subject: Re: Transitioning IETF DNS services
From: Mark Andrews <Mark_Andrews at isc.org>
Date: Thu, 13 Dec 2007 17:11:47 +1100
Cc: "Mr. James W. Laferriere" <babydr at baby-dragons.com>, ietf maillist <ietf at ietf.org>
In-reply-to: Your message of "Thu, 13 Dec 2007 00:50:35 CDT." <4760C82B.3070404@ca.afilias.info>
List-help: <mailto:ietf-request@ietf.org?subject=help>
List-id: IETF-Discussion <ietf.ietf.org>
List-post: <mailto:ietf@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>

> Mark Andrews wrote:
> >>  	Hello Ray ,
> >>
> >> On Wed, 12 Dec 2007, Ray Pelletier wrote:
> >>     
> >>> Will all be changed to the following:
> >>>
> >>>   NS4.AMSL.COM    64.170.98.30
> >>>   NS5.AMSL.COM    64.170.98.31
> >>>   NS6.AMSL.COM    2001:5c0:9758::1:1
> >>>       
> >>  	Fmi ,  Are the preceding name servers physically diverse ?
> >>  		Tia ,  Jiml
> >>     
> >
> > 	There has to be common failure points with NS4.AMSL.COM
> > 	and NS5.AMSL.COM.  Think route announcements.
> >   
> Well, yes, of course.
> 
> The question that is more critical is, are there any elements which 
> aren't common failure points?

	For them to meet physical diversity requirement there would
	been to be /32's in the IRP.

	I suspect you will find that they are just two boxes on the
	same switch.

> If the two IPs are on one physical server, there's very little that 
> could fail without taking down both instances.
> (E.g. single disk failure, memory failure, NIC, crash/reboot, etc.)
> 
> If the two IPs were on different subnets, there would be an expectation 
> of physical diversity.
> However, the same subnet makes this less certain, thus the OP's question.
> 
> Brian

	You need both physical (power, hardware, location) and
	operational (different global prefixes, preferably different
	AS's) diversity for reliable DNS.

	It's clear from the infomation above that the later is not
	being met.

	Mark

> _______________________________________________
> Ietf mailing list
> Ietf at ietf.org
> https://www1.ietf.org/mailman/listinfo/ietf
-- 
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark_Andrews at isc.org

_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf

Follow-Ups:
- Re: Transitioning IETF DNS services
  - From: Bill Manning

References:
- Re: Transitioning IETF DNS services
  - From: Brian Dickson

Prev by Date: Re: Transitioning IETF DNS services
Next by Date: Re: Transitioning IETF DNS services
Previous by thread: Re: Transitioning IETF DNS services
Next by thread: Re: Transitioning IETF DNS services
Index(es):
- Date
- Thread

Note Well: Messages sent to this mailing list are the opinions of the senders and do not imply endorsement by the IETF.

Re: Transitioning IETF DNS services

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.