I don't have enough information to answer this question. I don't know what "average" IT talents means. Do these 2 imaginary staff members know enough about caching resolvers to be able to figure out that the authoritative servers for exampledomain.tld have NS records that don't match their glue records and the NS records don't have matching A records, and that's why exampledomain.tld works fine for a day, but then goes dark for the next 24 hours, then repeats?
Does this company have a reason for doing their own caching? ISP does NXDOMAIN redirection, they want to do DNSSEC validation, want to use RPZ, etc. Do they have a local mail server that would benefit from a closer cache? I default to "yes" as well, but if they only have the one local resolver, and don't have any kind of backup (Google/OpenDNS, etc as secondary/tertiary via DHCP or whatever means they use for workstation network configuration), these two imaginary IT staff members could be setting themselves up for an embarrassing outage. -Rich On Oct 14, 2013, at 11:08 AM, Paul Hoffman <[email protected]> wrote: > A fictitious 100-person company has an IT staff of 2 who have average IT > talents. They run some local servers, and they have adequate connectivity for > the company's offices through an average large ISP. > > Should that company run its own recursive resolver for its employees, or > should it continue to rely on its ISP? > > --Paul Hoffman > _______________________________________________ > dns-operations mailing list > [email protected] > https://lists.dns-oarc.net/mailman/listinfo/dns-operations > dns-jobs mailing list > https://lists.dns-oarc.net/mailman/listinfo/dns-jobs > _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
