On 10/14/2013 11:03 AM, Warren Kumari wrote:
On Oct 14, 2013, at 7:08 PM, Paul Hoffman <[email protected]> wrote:
A fictitious 100-person company has an IT staff of 2 who have average IT
talents. They run some local servers, and they have adequate connectivity for
the company's offices through an average large ISP.
Should that company run its own recursive resolver for its employees, or should
it continue to rely on its ISP?
Depends. Seeing as you said "average IT talents" I'm saying "No". These days "average IT
talents" for a 100-person company probably means "sorta kinda knows how to make Windows not fall over and
also do some Exchange stuff".
My wife does some consulting for a number of companies of this sort of size
(and I give her a hand every now and then), and unless the IT folk are actively
interested (and most are not) I think running recursive is simply a mistake for
them.
And auth doubly so….
My experience is the same as Warren's, and thus my answer is the same as
well. In theory I agree with Paul about what they *should* do, but in
practice (IME) the skills are not there, and they would end up doing
more harm than good to themselves, and likely the net in general.
We of the DNS literati tend to forget just how difficult this stuff
really is, and how hard it is for companies to prioritize spending money
on things that usually "just work." I can't count the number of times I
got "emergency" calls when I was consulting about how some enterprise
needed my help right away because "the Internet is down" ... only to get
a call 30 minutes later letting me know I wasn't needed because someone
accidentally rebooted the right thing and now "the Internet" is working
again. They don't care, and they don't *want* to care. They just want it
to work.
Doug
PS, 2 IT folk for a 100 person company is extraordinarily generous.
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-jobs mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
