This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[dns-wg] DNS lameness question
- Previous message (by thread): [dns-wg] DNS lameness question
- Next message (by thread): [dns-wg] DNS lameness question
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Ondřej Surý
ondrej.sury at nic.cz
Tue Mar 17 11:43:36 CET 2009
On Tue, Mar 17, 2009 at 11:36 AM, Matus UHLAR - fantomas <uhlar at fantomas.sk>wrote: > Hello, > > We have received informations about DNS lameness in our reverse > delegations. > > We have delegated (most of) our reverse zones to: > > ns.nextra.sk > ns1.nextra.sk > dns.nextra.sk > dns.gtsi.sk > > Some time ago, since there were some problems, I removed the dns.nextra.sk > record from the nextra.sk zone, and assigned its IP address to > ns.nextra.sk. > No direct zones were delegated to it (hopefully, not by us), this caused no > problem there (at least not caused by us). > > However the delegations in RIPE do still point to dns.nextra.sk. There are > plenty of them, and I plan to change the NS scheme to make it more > reliable, > easier to implement and harder to abuse (e.g. naming only some of NS > records), so the structure will change even more. For this reason I decided > not to change all delegations (to spare our RIPE contacts from modifying it > all twice) until I will do that. > > However on Feb 24, RIPE sent lameness notifications to us and our RIPE > contact got angry at me for not notifying them about this change, and > requesting that I add the record back. I prefer not to do that, since my > plans are very different and customers tend to put anything to NS records > without asking. Adding CNAME record would not solve this problem since NS > must not point to CNAME (scripts at RIPE check for that, right?). > > So I'm asking you for an advice > - is it possible to mass-remove the "dns.nextra.sk" from delegations? Write an script to mass change all your delegations and send it all as GPG/PGP signed mail. - would it cause big problem if I kept it as it is, even if dns.nextra.sk > does not exist? (I hope no delegations will be removed because of this) - is there anything other to advise me? Put dns.nextra.sk back into the zone until you resolve this issue. Ondrej. -- Ondrej Sury technicky reditel/Chief Technical Officer ----------------------------------------- CZ.NIC, z.s.p.o. -- .cz domain registry Americka 23,120 00 Praha 2,Czech Republic mailto:ondrej.sury at nic.cz http://nic.cz/ sip:ondrej.sury at nic.cz <sip%3Aondrej.sury at nic.cz> tel:+420.222745110 mob:+420.739013699 fax:+420.222745112 ----------------------------------------- -------------- next part -------------- An HTML attachment was scrubbed... URL: </ripe/mail/archives/dns-wg/attachments/20090317/252b90ec/attachment.html>
- Previous message (by thread): [dns-wg] DNS lameness question
- Next message (by thread): [dns-wg] DNS lameness question
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ dns-wg Archives ]