On Wed, May 16, 2012 at 08:52:26PM -0400, Joe Abley <[email protected]> wrote a message of 50 lines which said:
> For example, a ccTLD is redelegated, the root zone is stale on the
> local ISP's resolver, and since most of that ISP's customers never
> have a reason to look for names under that cc, it remains broken for
> a long time with no alarm bells sounding.

[...]

> Whilst I agree that from a technical protocol perspective it all
> sounds fine, the operations sound horrible. The result will be more
> visibly broken DNS than there is today,

While, technically, I agree with you (it will be bad, awful and hard to debug and many people will fingerpoint in the wrong direction), it will happen. Yes, in theory, root zone slaving is dangerous and should be done only by Mark Andrews and Doug Barton because they know what they are doing. But, in practice, it will happen, for political reasons, because it seems cool, because it seems easy, etc.

Also, the problem you mention (different results from different resolvers, unlike the original DNS model of eventual consistency, with eventual meaning a very short time) is already a reality: we have DNSSEC issues, we have network issues, we have censorship, we have lying resolvers... Today, we already cannot assume that a DNS answer will be the same everywhere. dig is no longer sufficient to debug, we need distributed monitoring.
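The kind of cross-resolver comparison that distributed monitoring implies, as an added example that is not part of the original thread: it takes what each vantage point's resolver reports for the root SOA serial and for one TLD's NS set, then flags resolvers serving a stale root zone or a delegation that differs from the majority. The ccTLD `xx.`, the probe names, the observations and the 2-day threshold are constructed assumptions; the date parsing relies on the root zone's YYYYMMDDNN serial convention.

```python
from collections import Counter
from datetime import datetime

# Constructed observations (not real measurements): per vantage point, the
# root SOA serial and the NS set returned for a hypothetical ccTLD "xx.".
NEW_NS = {"ns1.new-registry.example.", "ns2.new-registry.example."}
OLD_NS = {"ns1.old-registry.example.", "ns2.old-registry.example."}
OBSERVATIONS = [
    {"vantage": "probe-a", "root_serial": 2012051601, "ns": NEW_NS},
    {"vantage": "probe-b", "root_serial": 2012051601, "ns": NEW_NS},
    # Locally slaved root zone that stopped updating before the redelegation.
    {"vantage": "probe-c", "root_serial": 2012041200, "ns": OLD_NS},
    # Fresh root zone, but the resolver rewrites the delegation.
    {"vantage": "probe-d", "root_serial": 2012051600, "ns": {"ns.rewritten.example."}},
    {"vantage": "probe-e", "root_serial": 2012051500, "ns": NEW_NS},
]


def serial_date(serial):
    """Extract the publication date from a YYYYMMDDNN root zone serial."""
    return datetime.strptime(str(serial)[:8], "%Y%m%d").date()


def find_divergent(observations, max_lag_days=2):
    """Return {vantage: [reasons]} for resolvers that disagree with the rest."""
    newest = max(serial_date(o["root_serial"]) for o in observations)
    # The majority NS set is treated as the reference answer (assumption:
    # most vantage points are healthy).
    counts = Counter(frozenset(o["ns"]) for o in observations)
    consensus_ns = counts.most_common(1)[0][0]

    findings = {}
    for o in observations:
        reasons = []
        lag = (newest - serial_date(o["root_serial"])).days
        if lag > max_lag_days:
            reasons.append("stale-root")
        if frozenset(o["ns"]) != consensus_ns:
            reasons.append("ns-mismatch")
        if reasons:
            findings[o["vantage"]] = reasons
    return findings


if __name__ == "__main__":
    for vantage, reasons in find_divergent(OBSERVATIONS).items():
        print(vantage, ",".join(reasons))
```

A "stale-root" flag together with "ns-mismatch" points at an outdated local root copy, while "ns-mismatch" alone with a current serial points at the resolver itself altering answers.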
