How (un)common is lack of DNS server diversity?

Greg A. Woods woods at weird.com
Sat Jan 27 23:37:56 UTC 2001


[ On Saturday, January 27, 2001 at 14:40:39 ( -0800), Roeland Meyer wrote: ]
> Subject: RE: How common is lack of DNS server diversity?
>
> Then, how do you intelligently talk about the other entities I bring up?

An "authoritative nameserver" is, well, an authoritative nameserver.
Nothing more, nothing less.  If it's registered (in the parent zone, or
the root cache/hints file in the case of a top level zone) but it's not
actually answering authoritatively (but it is answering) then it's
considered to be "lame".

Everything else describes the relationship of the zone to the root
(e.g. "top level domain", "second level domain", etc.).

People who want to ascribe some meaning to who's responsible for shared
top (or sometimes second) level zones talk about "global top level
domains" and "country code top level domains" or maybe "second level
country code domains", though none of these descriptions are technically
meaningful in any way whatsoever -- they simply ascribe administrative
descriptions to ordinary top level (or maybe second level) domain names.

What more could you possibly need!?!?!?!?

The only confusing terms that have been used repeatedly everywhere and
by most everyone at one time or another are "primary" and "secondary"
nameservers (especially when they give the impression that there's only
one "secondary" nameserver).  The new BIND documentation suggests the
much better terms "master" and "slave".  There's only one master, and it
might not even be registered or visible (though BIND's named will
complain if the master listed in the SOA isn't also listed as one of the
NS records).  There can be many slaves, and not all of them need to be
registered or visible either.  Both the master and all of the slaves
will always answer authoritatively (at least to anyone who can reach
them and who they permit to query them).  Either way if they're listed
in publicly visible NS records, either in their parent zone, or within
the zone, they'd damn well better answer authoritatively!

This is not rocket science -- it's very very very simple stuff!  Anyone
comfortable with keeping lists of things and understanding hierarchical
relationships between those lists can do DNS in their sleep once they
learn a half dozen very simple rules.

I believe the reason that Internet DNS is in such a sorry state is
literally because it is so boringly simple yet particular about the tiny
details that only an accountant-type personality would care about.  We
need more accountants to do the DNS!  :-)

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods at acm.org>      <robohack!woods>
Planix, Inc. <woods at planix.com>; Secrets of the Weird <woods at weird.com>
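
An added example, not part of the original message: a small audit that applies the definition of "lame" given above by reading the AA (Authoritative Answer) bit from each listed server's reply, and flags an SOA master that is missing from the NS set. The zone and server names, the `classify`, `audit` and `make_reply` helpers, and the sample replies are all constructed for illustration.

```python
import struct

QR_BIT = 0x8000  # header flag: message is a response
AA_BIT = 0x0400  # header flag: Authoritative Answer (RFC 1035, section 4.1.1)

def classify(reply):
    """Classify one listed server's reply to an SOA query for the zone apex.

    reply is the raw DNS message (bytes), or None if nothing came back.
    """
    if reply is None:
        return "unreachable"          # not answering at all, so not "lame"
    if len(reply) < 12:
        return "malformed"            # shorter than a DNS header
    _id, flags, _qd, _an, _ns, _ar = struct.unpack("!6H", reply[:12])
    if not flags & QR_BIT:
        return "malformed"            # not a response message
    rcode = flags & 0x000F
    if flags & AA_BIT and rcode == 0:
        return "authoritative"
    return "lame"                     # answering, but not authoritatively

def audit(parent_ns, zone_ns, soa_mname, replies):
    """Check every server named in the parent's or the zone's own NS records."""
    listed = sorted(set(parent_ns) | set(zone_ns))
    status = {name: classify(replies.get(name)) for name in listed}
    return {
        "status": status,
        "lame": [n for n in listed if status[n] == "lame"],
        # The condition the message says BIND's named complains about.
        "master_not_in_ns": soa_mname not in zone_ns,
    }

def make_reply(aa, rcode=0):
    """Constructed sample: a bare 12-byte DNS response header."""
    flags = QR_BIT | (AA_BIT if aa else 0) | rcode
    return struct.pack("!6H", 0x1234, flags, 1, 1 if aa else 0, 0, 0)

if __name__ == "__main__":
    # Constructed data for a hypothetical zone; no network access is needed.
    replies = {"ns1.example.com": make_reply(aa=True),
               "ns2.example.com": make_reply(aa=False),
               "ns3.example.com": None}
    print(audit(parent_ns=list(replies), zone_ns=["ns1.example.com", "ns2.example.com"],
                soa_mname="hidden.example.com", replies=replies))
```

In real use the `replies` values would be the raw responses collected by sending a non-recursive SOA query for the zone to each listed server.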



