How common is lack of DNS server diversity?

Thomas Kernen tkernen at deckpoint.ch
Sat Jan 27 03:17:06 UTC 2001




And what happens if the 4.0.0.0/8 route is flapped from the
routing table? No more DNS. So you still want route diversity
that isn't in the same block or aggregated block.

Then I guess you try and get a bunch of /24's for your name servers
but they might get filtered elsewhere by someone else.

Thomas

Sean Donelan wrote:
> 
> Mice and Men found that 38% of the .COM domains surveyed
> had all their name servers on the same subnet.  And 75%
> had one or more configuration errors.
> 
> http://www.menandmice.com/dnsplace/healthsurvey.html
> 
> DNS, like most databases, suffers from information entropy.
> 
> In other words, it takes a lot of energy to keep information
> correctly updated while it is being changed.  Anyone who has
> been Hostmaster for even a moderately sized ISP knows there
> is an amazing number of ways for people to mess up any of the
> pieces of data required to make the whole thing work.
> 
> As several people pointed out, you can't really assume close
> IP addresses are in fact topologically close on the network.
> 
> For example, if you look at the name servers for GENUITY.NET
> 
>   Domain servers in listed order:
> 
>    DNSAUTH1.SYS.GTEI.NET        4.2.49.2
>    DNSAUTH2.SYS.GTEI.NET        4.2.49.3
>    DNSAUTH3.SYS.GTEI.NET        4.2.49.4
> 
> They appear to be closely related.  However, the addresses are
> in fact routed to very diverse locations on Genuity's network.
> 
> You will find the same thing if you look at the name servers
> for UU.NET
> 
> Domain servers in listed order:
> 
>    AUTH00.NS.UU.NET             198.6.1.65
>    AUTH60.NS.UU.NET             198.6.1.181
> 
> These servers are also geographically diverse.
> 
> So I'm not sure if the 38% number is a true indication of how
> much diversity DNS servers have.



