[dns-wg] Secondary service on ns.ripe.net for reverse delegations.
Doug Barton dougb at dougbarton.us
Tue Jun 5 19:17:17 CEST 2007
Jim Reid wrote:
> On May 14, 2007, at 10:20, Jørgen Hovland wrote:
>
>> I hope this does not become mandatory, only optionally or
>> discontinue it. A very few amount of LIRs would have to send a
>> zonefile in the size of (2^96 ) * 32 * 4 * 20 bytes to
>> ns.ripe.net if it becomes mandatory.

Pardon my ignorance, but even if that were the case, what's the issue? I would assume that by the time you become an LIR you should have the bandwidth to do this, and the requisite DNS experience to make it as painless as possible. But is there some hidden cost or problem that I'm missing?

> Let's step back. Slave service for reverse zones was something the
> NCC has been doing since the dawn of time. In the early days,
> connectivity was sometimes erratic, bandwidth was limited, lame
> delegations were common and DNS skills were worse than they are
> today.

That's a scary thought. :)

> It made sense to have a robust and stable DNS platform and the NCC
> was in the position to provide that service. That was then. But
> this is now. The environment has changed. And there's less reliance
> on reverse DNS lookups these days too,

Less in some areas, but more in others (like mail, for better or worse). I would argue that we're in a weird world where if it doesn't matter, it doesn't matter at all, but if it matters it matters a lot.

> even more so in an IPv6 world.

I would argue here that this is yet to be seen, given the (sadly) low rate of current IPv6 deployment.

> So the questions for the WG should be IMO:
>
> * Is there value in having the NCC provide DNS service for
> big/important reverse zones?

I think you're asking the wrong question (although I like Ed's definitions of "big" and "important." :) I would ask, "Is there value in the NCC making slave service for reverse zones available to those who receive allocations from us?" Which sort of sets the stage for the rest of the answers.

> * If the answer to the above question is yes, under what conditions?
> ie What do we mean by big or important?

I think the answer to your first question is no, it should be available to everyone.

> * If the answer is still yes, should this service be
> compulsory or optional?

Optional, always.

> And under what conditions would optional
> use become compulsory and vice versa?

To get closer to answering the spirit of your original question, I don't think there is any value in requiring reverse zones from anyone. If a network operator wants to do a good job of providing reverse DNS, they will. If they don't, they won't, and short of pulling their allocation you can't enforce a mandatory policy anyway.

> * If the answer to the original question is no, what, if anything,
> does the NCC do about things like lame delegations for reverse zones
> and the operational problems these cause the NCC?

Here's the tricky part. I think it would be a nice service for the NCC to offer, _if_ there are some rudimentary checks in place to make sure that the information is still up to date, and if the zones are dropped when it isn't. My opinion is that providing stale data is worse than providing no data at all, but I know reasonable minds can differ on this point.

I'd like to add one more issue indirectly raised by Ed's post. I think he was right to bring up cost in regards to this discussion, more so if you agree with my perspective that this should be an optional service supplied to allocees. But if you assume that the NCC is going to be providing DNS services for something anyway (which of course they are) the marginal cost of adding reverse service for allocations is not zero, but I don't think it's overwhelming either.

hth,

Doug

--
If you're never wrong, you're not trying hard enough