How common is lack of DNS server diversity?
Thomas Kernen
tkernen at deckpoint.ch
Sat Jan 27 03:17:06 UTC 2001
And what happens if the 4.0.0.0/8 route is flapped from the
routing table? No more DNS. So you still want route diversity
that isn't in the same block or aggregated block.
Then I guess you try and get a bunch of /24's for your name servers
but they might get filtered elsewhere by someone else.
Thomas
Sean Donelan wrote:
>
> Mice and Men found that 38% of the .COM domains surveyed
> had all their name servers on the same subnet. And 75%
> had one or more configuration errors.
>
> http://www.menandmice.com/dnsplace/healthsurvey.html
>
> DNS, like most databases, suffers from information entropy.
>
> In other words, it takes a lot of energy to keep information
> correctly updated while it is being changed. Anyone who has
> been Hostmaster for even a moderately sized ISP knows there
> is an amazing number of ways for people to mess up any of the
> pieces of data required to make the whole thing work.
>
> As several people pointed out, you can't really assume close
> IP addresses are in fact topologically close on the network.
>
> For example, if you look at the name servers for GENUITY.NET
>
> Domain servers in listed order:
>
> DNSAUTH1.SYS.GTEI.NET 4.2.49.2
> DNSAUTH2.SYS.GTEI.NET 4.2.49.3
> DNSAUTH3.SYS.GTEI.NET 4.2.49.4
>
> They appear to be closely related. However, the addresses are
> in fact routed to very diverse locations on Genuity's network.
>
> You will find the same thing if you look at the name servers
> for UU.NET
>
> Domain servers in listed order:
>
> AUTH00.NS.UU.NET 198.6.1.65
> AUTH60.NS.UU.NET 198.6.1.181
>
> These servers are also geographically diverse.
>
> So I'm not sure if the 38% number is a true indication of how
> much diversity DNS servers have.
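
An added example, not part of either message above: a check that reports both measures discussed in the thread, whether a zone's name servers share one subnet and whether they all depend on a single covering route. The name server addresses and 4.0.0.0/8 come from the messages; the other prefixes, the second sample address, and the function names are constructed for illustration.

```python
import ipaddress

def covering_route(addr, routes):
    """Longest-prefix match of addr against announced prefixes (None if unrouted)."""
    ip = ipaddress.ip_address(addr)
    matches = [r for r in map(ipaddress.ip_network, routes) if ip in r]
    return max(matches, key=lambda r: r.prefixlen, default=None)

def diversity_report(ns_addrs, routes, subnet_len=24):
    """Summarise subnet diversity and route diversity for a set of name servers."""
    subnets = {ipaddress.ip_network(f"{a}/{subnet_len}", strict=False)
               for a in ns_addrs}
    covers = {a: covering_route(a, routes) for a in ns_addrs}
    distinct = {r for r in covers.values() if r is not None}
    unrouted = sorted(a for a, r in covers.items() if r is None)
    return {
        "subnets": sorted(str(s) for s in subnets),
        "same_subnet": len(subnets) == 1,
        "routes": sorted(str(r) for r in distinct),
        "unrouted": unrouted,
        # True when withdrawing one prefix makes every name server unreachable
        "single_route": len(distinct) == 1 and not unrouted,
    }

# Constructed routing table: 4.0.0.0/8 is from the thread, the rest are
# documentation prefixes standing in for unrelated announcements.
ROUTES = ["4.0.0.0/8", "192.0.2.0/24", "198.51.100.0/24"]

# Addresses quoted in the thread for GENUITY.NET
GENUITY_NS = ["4.2.49.2", "4.2.49.3", "4.2.49.4"]
# Constructed: different /24s, but still inside the same /8 aggregate
SAME_AGGREGATE_NS = ["4.2.49.2", "4.9.1.1"]
# Constructed: different /24s under different announcements
DIVERSE_NS = ["192.0.2.53", "198.51.100.53"]

if __name__ == "__main__":
    for name, ns in [("genuity", GENUITY_NS),
                     ("same-aggregate", SAME_AGGREGATE_NS),
                     ("diverse", DIVERSE_NS)]:
        print(name, diversity_report(ns, ROUTES))
```

The second sample set passes a same-subnet test yet still fails on route diversity, which is the case the reply raises.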