Dyn DDoS this AM?

joel jaeggli joelja at bogus.com
Fri Oct 21 23:04:41 UTC 2016


On 10/21/16 3:21 PM, David Birdsong wrote:
> On Fri, Oct 21, 2016 at 2:58 PM, Randy Bush <randy at psg.com> wrote:
>
>> anyone who relies on a single dns provider is just asking for stuff such
>> as this.
>>
>> randy
>>
> I'd love to hear how others are handling the overhead of managing two dns
> providers. Every time we brainstorm on it, we see it as blackhole of eng
> effort WRT to keeping them in sync and and then waiting for TTLs to cut an
> entire delegation over.

Not all the ones you might choose based on scale support axfr... That's
a bit of a problem for the most traditional approach to this., of those 
that do it's straight-forward to use one as the master for another, or
use a hidden master. Your own master may have demonstrably lower
availability then one or the other of your providers. getting two well
considered choices to play nice with each other isn't that hard.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 203 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20161021/3f2942ec/attachment.pgp>


More information about the NANOG mailing list