Stephane Bortzmeyer (bortzmeyer) writes:
> It has always been our policy (and, I believe, the one of the majority
> of DNS operators), that responsability and monitoring belongs to the
> _master_. If a secondary of .fr lags behind, it is _our_ role and
> responsability to detect it and to solve it (warning the secondary,
> retiring the secondary from the NS RRset, etc).
+1.
> If a secondary we host
> for .example lags behind, it is not up to us to notice, but to the
> .example managers.
To be picky: If the _zone_ .example hosted on a server which acts as
secondary, managed by you, lags behind, it is not up to you to notice :)
> A recent example was the break of isoc.org and internetsociety.org. A
> secondary name server was behind and served expired signatures. IMHO,
> the fault is 100 % on the ISOC side: they should monitor their own
> zones.
Absolutely.
Cheers,
Phil
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-jobs mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
