register.com down sev0?
simonw at zynet.net
Wed Oct 25 16:00:21 UTC 2006
On Wednesday 25 Oct 2006 15:59, you wrote:
> just guessing but:
> 1) it's 'hard'
The reason the public facing DNS is poorly set up at the majority of
institutions is the IT guy says "lets bring it in house to give us more
control, how hard can it be?".
When if they had left it with their ISP it would be done right (along with the
thousands of others that the ISP does right).
I've seen it done dozens of times when consulting.
I have data from a personal survey that confirms this is the leading cause of
poor DNS configuration and lack of redundancy in my part of the UK.
I even have a few domains we slave to servers across several continents, and
otherwise clueful IT people pick SOA settings that still cause their domains
to expire too quickly when, had they left it to us, it would "just work".
(okay I could override those settings, but if I do that why bother letting
them master it in the first place?! "we delegated control to you, and then
overrode all your settings because they were stupid?!"). So don't let the IT
guy be a hidden master either, just leave it to the ISP.
How I reach the zillions of IT guys out there to say "don't do DNS inhouse,
you'll only mess up" is the remaining question; slashdot?
More information about the NANOG