I've inherited a bit of a mess; a small company is ceasing operations and we're
taking over their NS, and it's a who's-who of how not to set up authoritative
DNS.

(NS 1,4 share the same IP and 5 shares the same hardware, NS3 is not even
authoritative, it just forwards to NS1, etc., so basically they have one actual
functioning server, although oddly 5 doesn't carry all zones.)

The biggest thing I'm finding is inconsistent delegation, primarily cases where
the domain is delegated to NS1-2 and the zone lists 1-4, or the reverse.

Assuming that all the NS records ultimately point to servers that actually
respond and that there's no lame delegation, what actually breaks in the real
world when delegation is inconsistent? I'd expect inconsistent load balancing
of the NS, which is fine and expected.

Is it better if I scrape the appropriate TLD zones to determine what NS records
to apply and update the zones individually to match, or should I just replace
the whole mess with my authoritative NS records?

Obviously in all cases we'll keep ns1-5.old-ISP.example pointing to valid
authoritative servers, and we will work with their customers to fix their NS
configuration as quickly as possible so as to best use our infrastructure. We
can do a bulk update at the registrar level for most customers, but far from
all.

--
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren
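
One way to audit the mismatch described in this message, as an added example that is not part of the original post: it compares the NS set in the parent's referral with the NS set at the zone apex and classifies each domain. The function names, the customer-a/customer-b domains and all records are constructed for illustration; records are assumed to be in the presentation format that dig prints.

```python
# Added example; every record below is constructed sample data.
PARENT = """\
; referral as served by the TLD (constructed)
customer-a.example. 172800 IN NS ns1.old-ISP.example.
customer-a.example. 172800 IN NS ns2.old-ISP.example.
customer-b.example. 172800 IN NS ns1.old-isp.example.
customer-b.example. 172800 IN NS ns2.old-isp.example.
customer-b.example. 172800 IN NS ns3.old-isp.example.
customer-b.example. 172800 IN NS ns4.old-isp.example.
"""
CHILD = """\
; apex NS RRset as served by the zone itself (constructed)
customer-a.example. 3600 IN NS ns1.old-isp.example.
customer-a.example. 3600 IN NS ns2.old-isp.example.
customer-a.example. 3600 IN NS ns3.old-isp.example.
customer-a.example. 3600 IN NS ns4.old-isp.example.
customer-b.example. 3600 IN NS ns1.old-isp.example.
customer-b.example. 3600 IN NS ns2.old-isp.example.
customer-b.example. 3600 IN SOA ns1.old-isp.example. hostmaster.old-isp.example. 1 7200 900 1209600 3600
"""

def ns_names(records, owner):
    """NS targets for `owner`, normalised to lower case without the trailing dot."""
    owner = owner.rstrip(".").lower()
    found = set()
    for line in records.splitlines():
        fields = line.split(";", 1)[0].split()      # drop ';' comments
        if (len(fields) >= 3 and fields[-2].upper() == "NS"
                and fields[0].rstrip(".").lower() == owner):
            found.add(fields[-1].rstrip(".").lower())
    return found

def compare_delegation(owner, parent_records, child_records):
    parent, child = ns_names(parent_records, owner), ns_names(child_records, owner)
    if not parent or not child:
        status = "missing-data"        # no NS seen on one side; check by hand
    elif parent == child:
        status = "consistent"
    elif parent < child:
        status = "parent-subset"       # delegated to NS1-2, zone lists 1-4
    elif child < parent:
        status = "child-subset"        # the reverse case
    else:
        status = "divergent"           # each side names servers the other lacks
    return {"status": status,
            "parent_only": sorted(parent - child),
            "child_only": sorted(child - parent)}

if __name__ == "__main__":
    for name in ("customer-a.example", "customer-b.example"):
        print(name, compare_delegation(name, PARENT, CHILD))
```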