External (not in the same domain) name server

David A. Ulevitch davidu at everydns.net
Wed Mar 3 05:27:28 UTC 2004



<quote who="Randy Bush">
>
>> And for what operational benefit?  Removal of the record(s)
>> certainly wouldn't be appropriate
>
> why not?  what is the use of a zone that is not being served?

  A query not being answered to you or the verifier is not the same thing
as a zone not being served.  (I would also assume that a failed check
would result in the zone being perhaps "queued" for more re-testing or
asking the netop to autoack something.)

I still don't see the operational benefit in removing these records. 
(Checking them could be worthwhile (see below), but removing them...why?)

<quote who="Tim Wilde">
>
> You mean http://www.cymru.com/DNS/lame.html ?
> Team Cymru have been doing
> that for ages.  Doesn't actually force the issue anywhere, but it does get
> checked and published, using contributed resolver logs.

Three comments:
1) I think there is some operational value in tracking this data for the
in-addr.arpa tree but less benefit to getting this data for general
forward nameservice (except maybe to people like you and me).

2) For Cymru's page to be of much benefit it needs a lot more resolver
contributions.  If some large, end-user ISPs submitted data it would
become much more useful.  The problem (in getting data) with this project
is that the people who submit are not necessarily the people who benefit
which provides less incentive for sysops to participate.

3) With this data published someone could check the list for lame
delegations and come to our site and setup those domains and begin using
them.  This could be used by spammers and other sludge to "borrow"
domains.  A solvable problem but one which would become substantially
easier if there was a comprehensive list of lame delegations that could be
correlated with third-party dns services.

-davidu

----------------------------------------------------
  David A. Ulevitch - Founder, EveryDNS.Net
  Washington University in St. Louis
  http://david.ulevitch.com -- http://everydns.net
----------------------------------------------------



More information about the NANOG mailing list