Numbering nameservers and resolvers

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Mon Aug 16 02:14:53 CDT 2010


On Sun, 15 Aug 2010 23:49:05 PDT, Mike said:
> I am needing to renumber some core infrastructure - namely, my 
> nameservers and my resolvers - and I was wondering if the collective 
> wisdom still says heck yes keep this stuff all on separate subnets away 
> from each other? Anyone got advice either way

Microsoft used to have all their DNS servers on one /24.  Nine years later,
you can still use Google on just 'microsoft dns server failure subnet' and
find this on the second page of over a million hits:

http://www.wired.com/techbiz/media/news/2001/01/41423

(OK, so our local resolvers are in one /24, but it's a bridged VLAN across our
entire campus, the servers are physically in buildings several miles apart, and
if you can't reach at least one of them, it probably means our campus core
network is hosed enough that you're not going to do anything with a DNS
response anyhow... Our authoritative servers are split across 2 different AS's
in 2 different states.)

Whatever gave you the idea that collective wisdom could *possibly* have
moved away from "spread it out as far as you can to avoid single points of
failure"?
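
An added example, not part of the original message: a small audit that flags any DNS role whose servers all sit in one covering prefix, the situation the Microsoft anecdote describes. The inventory is constructed from documentation address ranges, and the /48 grouping for IPv6 is an assumption; a shared prefix is only a proxy for a shared failure domain, as the bridged-VLAN caveat above shows.

```python
import ipaddress
from collections import defaultdict

# Constructed sample inventory (documentation ranges, not real servers).
SERVERS = {
    "authoritative": ["192.0.2.10", "192.0.2.11", "192.0.2.12"],
    "resolver": ["198.51.100.53", "203.0.113.53",
                 "2001:db8:1::53", "2001:db8:2::53"],
}

def covering_prefix(addr, v4_len=24, v6_len=48):
    """Return the /24 (IPv4) or /48 (IPv6, assumed) network holding addr."""
    ip = ipaddress.ip_address(addr)
    plen = v4_len if ip.version == 4 else v6_len
    return ipaddress.ip_network(f"{ip}/{plen}", strict=False)

def group_by_prefix(addrs):
    """Map each covering prefix to the server addresses inside it."""
    groups = defaultdict(list)
    for addr in addrs:
        groups[covering_prefix(addr)].append(addr)
    return dict(groups)

def audit(servers):
    """Return {(role, ip_version): prefix} where 2+ servers of a role
    share a single covering prefix for that address family."""
    findings = {}
    for role, addrs in servers.items():
        groups = group_by_prefix(addrs)
        for version in (4, 6):
            fam = {p: m for p, m in groups.items() if p.version == version}
            total = sum(len(members) for members in fam.values())
            if total >= 2 and len(fam) == 1:
                findings[(role, version)] = str(next(iter(fam)))
    return findings

if __name__ == "__main__":
    for (role, version), prefix in audit(SERVERS).items():
        print(f"{role}: all IPv{version} servers are inside {prefix}")
```
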