On Thu, Jan 18, 2001 at 09:13:40AM -0000, D. J. Bernstein wrote:
This doesn't invalidate your original point, but I disagree with this:
> A recent bind-users report pointed out that BIND 8 can't find the IPv4
> address of www.monty.de, even though the monty.de configuration is valid
> and the relevant servers are responding quickly.
The servers might respond quickly at the moment, but the configuration
is nevertheless invalid:
% host -t any www.monty.de.
www.monty.de is a nickname for monty.de
monty.de name server ns.norplex.net
monty.de name server ns2.norplex.net
% traceroute ns2.norplex.net.
traceroute to ns2.norplex.net (151.189.26.234), 30 hops max, 40 byte packets
1 xanthos.informatik.uni-bonn.de (131.220.4.3) 2 ms 2 ms 2 ms
...
14 grf-ffm-ge020.germany.net (151.189.3.121) 23 ms 19 ms 19 ms
15 151.189.26.234 (151.189.26.234) 20 ms 21 ms 25 ms
% traceroute ns.norplex.net.
traceroute to ns.norplex.net (151.189.12.193), 30 hops max, 40 byte packets
1 xanthos.informatik.uni-bonn.de (131.220.4.3) 2 ms 2 ms 2 ms
...
14 grf-ffm-ge020.germany.net (151.189.3.121) 46 ms 18 ms 20 ms
15 vserver.neptun11.de (151.189.12.193) 29 ms 21 ms 20 ms
%
Using an official secondary which is behind the same router is
completely bogus, and at least until recently, no domain would be
registered at all that didn't have a really independent secondary
server.
But it looks like nowadays it is ok to not pretend at all to have a
secondary nameserver, and even people who should know better don't
bother:
% host -t any yp.to.
yp.to name server a.ns.yp.to
yp.to name server b.ns.yp.to
% host -t any a.ns.yp.to.
a.ns.yp.to has address 131.193.178.181
% host -t any b.ns.yp.to
b.ns.yp.to has address 131.193.178.181
so why should clueless $30 ISPs do?
Now, let's go back to discuss design of reliable networks.
Regards,
-is
PGP signature
