Weird DNS issues for domains
Todd Vierling
tv at duh.org
Thu Sep 29 19:46:06 UTC 2005
On Thu, 29 Sep 2005, Randy Bush wrote:
> >> You might want to consider reading RFC 2182 though, particularly the
> >> part about geographically diverse nameservers.
> > Yeah, yeah, that is overrated. If my site goes dark and my DNS goes
> > down it doesn't really matter as the bandwidth and the web server
> > will also be down.
>
> and folk who would otherwise spool mail for you will throw it
> on the floor. enjoy.
As I tried to explain in the other response, if this were the case with said
unnamed MTAs, then a simple tier-1 outage (which is not all that uncommon)
or a site under packet flood attacks would cause immediate bounces due to
DNS timeouts. The same thing applies to a site whose DNS is simply
unreachable because its link is down.
When a MTA gets a failed lookup response, it should retry. When the domain
*does* resolve, but resolves to *empty or nonexistent*, then the mail should
bounce. When a DNS server is unreachable, it can hardly return a NXDOMAIN
back to the requestor. 8-P
--
-- Todd Vierling <tv at duh.org> <tv at pobox.com> <todd at vierling.name>
More information about the NANOG
mailing list