I didn't mean to be opaque, but just in case it clarifies more: The question is "does the benefit of quicker updates outweigh the risks involved in serving a few select zones authoritatively from a recursive server that is open to a select population?"
I do realize that that is a determination for my organization to make, but if more of the risks were enumerated for non-open resolvers, it would be easier to weigh.

Thanks,
Adi

On Wed, Mar 13, 2013 at 06:17:49PM -0400, R.P. Aditya wrote:
> In the interest of providing quick updates to a "trusted" population of
> 100k or so end clients, there is a desire to provide a few zones
> authoritatively on the internal servers that provide recursion to the
> same population. These servers are not reachable at the publicly
> listed IP addresses in the NS record for those zones.
>
> Beyond the (real) risk of cache poisoning by the 100k "trusted" folks
> (which exists even if we remove those select zones), what other
> DNS-specific security risks might be minimized by a strict separation of
> auth and recursive processes (beyond the usual modularity arguments)?
>
> Pointers to public documentation of answers happily accepted.
>
> Thanks,
> Adi
> _______________________________________________
> dns-operations mailing list
> [email protected]
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
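As an added illustration of the two designs being weighed in the thread (these sketches are not from the poster or the list, and the acl name, zone name and addresses are assumed), BIND-style named.conf fragments for the combined resolver described in the question and for a strictly separated pair:

```conf
# Added example, not from the thread. Assumed: acl "trusted" = 10.0.0.0/8
# (the ~100k clients), zone "corp.example", hidden primary at 192.0.2.10,
# internal authoritative instance at 10.1.1.53.

# --- Sketch A: the combined setup described in the question ---
# One process recurses for the trusted population AND holds corp.example
# authoritatively. Cache and zone data share a process, so any poisoning
# of the cache or bug in the daemon sits next to the authoritative answers.
acl "trusted" { 10.0.0.0/8; };
options {
    recursion yes;
    allow-recursion { trusted; };
    allow-query { trusted; };
};
zone "corp.example" {
    type secondary;              # "slave" on older BIND releases
    primaries { 192.0.2.10; };   # "masters" on older BIND releases
    file "corp.example.db";
};

# --- Sketch B: strict separation ---
# Recursive instance: loads no zones; sends corp.example queries to the
# internal authoritative instance instead. Answers are still cached for
# their TTL, so update speed now depends on the zone's TTLs rather than on
# NOTIFY/AXFR pushing data straight into the resolver.
acl "trusted" { 10.0.0.0/8; };
options {
    recursion yes;
    allow-recursion { trusted; };
    allow-query { trusted; };
};
zone "corp.example" {
    type forward;
    forward only;
    forwarders { 10.1.1.53; };   # assumed address of the auth instance
};

# Authoritative instance (separate process or host at 10.1.1.53): never
# recurses, so it keeps no cache that could be poisoned, and answers only
# the internal population.
options {
    recursion no;
    allow-query { 10.0.0.0/8; };
    allow-transfer { none; };
};
zone "corp.example" {
    type secondary;
    primaries { 192.0.2.10; };
    file "corp.example.db";
};
```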
