[dns-wg] DNS lameness question
- Previous message (by thread): [dns-wg] DNS lameness question
- Next message (by thread): [dns-wg] DNS lameness question
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Ondřej Surý
ondrej.sury at nic.cz
Tue Mar 17 11:43:36 CET 2009
On Tue, Mar 17, 2009 at 11:36 AM, Matus UHLAR - fantomas <uhlar at fantomas.sk>wrote: > Hello, > > We have received informations about DNS lameness in our reverse > delegations. > > We have delegated (most of) our reverse zones to: > > ns.nextra.sk > ns1.nextra.sk > dns.nextra.sk > dns.gtsi.sk > > Some time ago, since there were some problems, I removed the dns.nextra.sk > record from the nextra.sk zone, and assigned its IP address to > ns.nextra.sk. > No direct zones were delegated to it (hopefully, not by us), this caused no > problem there (at least not caused by us). > > However the delegations in RIPE do still point to dns.nextra.sk. There are > plenty of them, and I plan to change the NS scheme to make it more > reliable, > easier to implement and harder to abuse (e.g. naming only some of NS > records), so the structure will change even more. For this reason I decided > not to change all delegations (to spare our RIPE contacts from modifying it > all twice) until I will do that. > > However on Feb 24, RIPE sent lameness notifications to us and our RIPE > contact got angry at me for not notifying them about this change, and > requesting that I add the record back. I prefer not to do that, since my > plans are very different and customers tend to put anything to NS records > without asking. Adding CNAME record would not solve this problem since NS > must not point to CNAME (scripts at RIPE check for that, right?). > > So I'm asking you for an advice > - is it possible to mass-remove the "dns.nextra.sk" from delegations? Write an script to mass change all your delegations and send it all as GPG/PGP signed mail. - would it cause big problem if I kept it as it is, even if dns.nextra.sk > does not exist? (I hope no delegations will be removed because of this) - is there anything other to advise me? Put dns.nextra.sk back into the zone until you resolve this issue. Ondrej. -- Ondrej Sury technicky reditel/Chief Technical Officer ----------------------------------------- CZ.NIC, z.s.p.o. -- .cz domain registry Americka 23,120 00 Praha 2,Czech Republic mailto:ondrej.sury at nic.cz http://nic.cz/ sip:ondrej.sury at nic.cz <sip%3Aondrej.sury at nic.cz> tel:+420.222745110 mob:+420.739013699 fax:+420.222745112 ----------------------------------------- -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://lists.ripe.net/ripe/mail/archives/dns-wg/attachments/20090317/252b90ec/attachment.html>
- Previous message (by thread): [dns-wg] DNS lameness question
- Next message (by thread): [dns-wg] DNS lameness question
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ dns-wg Archives ]