On 6/14/13 11:07 AM, Chip Marshall wrote: > There was some talk at a recent meeting about establishing some > best practices for operating a DNS server. I'm curious if anyone > is running with this, and if not, if this would be a good forum > to start working on such a project. > > I know there are some IETF documents around best practices for > things like DNSSEC, but to the best of my knowledge there's not a > good repository for things like RRL, making sure your recursive > resolver isn't open, ensuring source port randomization (I know I > still see a lot of source 53 queries) and so on. > > > > _______________________________________________ > dns-operations mailing list > [email protected] > https://lists.dns-oarc.net/mailman/listinfo/dns-operations > dns-jobs mailing list > https://lists.dns-oarc.net/mailman/listinfo/dns-jobs While I might be getting ahead of myself I do think that any 'best practice' document should be regularly looked at and updated. If a DNS BCOP is handled by DNS OARC then at each meeting there should be a quick 'Does anything need to be updated in the BCOP?' section so that it remains Best Current and not Best 2013.
Liam
signature.asc
Description: OpenPGP digital signature
_______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
