Re: Numbering nameservers and resolvers

because most of the end users who would be querying it are in Canada, and, with one nameserver in Canada and one in Japan, they would get a long RTT on DNS queries roughly half the time. But only, say, once per week if you're running a reasonable TTL on your zone.

Re: Numbering nameservers and resolvers

On Tue, Aug 17, 2010 at 08:52:20AM -0400, Jared Mauch wrote: > Selecting a site outside of your control is valuable. When I was > hostmas...@cic.net, we "traded" with mr.net. These days, if I were > in the same role, I would want to have three instead of two. Asia, > Europe and US someplace. If

Re: Numbering nameservers and resolvers

Mikael Abrahamsson writes: > On Tue, 17 Aug 2010, Nick Olsen wrote: > >> So lets say that you have multiple DNS resolvers in the same ip space that >> you advertise from multiple locations. All would be fine for the most part. >> But if you had a location equidistant network wise from two POP's

Re: Numbering nameservers and resolvers

On 16/08/2010 08:49, Mike wrote: I am needing to renumber some core infrastructure - namely, my nameservers and my resolvers - and I was wondering if the collective wisdom still says heck yes keep this stuff all on seperate subnets away from eachother? Anyone got advice either way? Should I tr

Re: Numbering nameservers and resolvers

On Tue, 17 Aug 2010, Nick Olsen wrote: So lets say that you have multiple DNS resolvers in the same ip space that you advertise from multiple locations. All would be fine for the most part. But if you had a location equidistant network wise from two POP's wouldn't it load balance and possibly br

Re: Numbering nameservers and resolvers

How would someone get around this? This is also what OpenDNS does from what I understand. Nick Olsen Network Operations (321) 205-1100 x106 From: "Doug Barton" Sent: Tuesday, August 17, 2010 2:12 PM To: "Sven Olaf Kamphuis" Subject:

Re: Numbering nameservers and resolvers

On 08/17/2010 05:11, Sven Olaf Kamphuis wrote: tcp/zonetransfer not working reliably is no longer a problem TCP is a MUST for DNS. It's used as a fallback in the normal resolution process if an answer can't fit in a UDP packet for whatever reason. This is true even for common things like lar

Re: Numbering nameservers and resolvers

On Tue, 17 Aug 2010 12:11:56 + (UTC) Sven Olaf Kamphuis wrote: > nowadays, i'd simply put them all on the same /24 which you simply > announce on different pops I would raise a red flag of caution with this approach especially for services that need to be reachable outside your network If

Re: Numbering nameservers and resolvers

> One of my former employers backhauled all their legacy nameservers to a = > single site, eg: e[0-2].ns.voyager.net. > > While they were originally on diverse subnets and geographical = > locations, this appears to have changed. As one of the people who originally worked on that setup, I'll note

Re: Numbering nameservers and resolvers

On Aug 17, 2010, at 8:56 AM, Chris Adams wrote: > Once upon a time, Sven Olaf Kamphuis said: >> tcp/zonetransfer not working reliably is no longer a problem as you simply >> retreive those directly from the database over a seperate ip, no more >> old-fashioned bind related crap. > > TCP is no

Re: Numbering nameservers and resolvers

Once upon a time, Sven Olaf Kamphuis said: > tcp/zonetransfer not working reliably is no longer a problem as you simply > retreive those directly from the database over a seperate ip, no more > old-fashioned bind related crap. TCP is not just for zone transfers (especially in the age of DNSSEC

Re: Numbering nameservers and resolvers

> nowadays, i'd simply put them all on the same /24 which you simply > announce on different pops > > tcp/zonetransfer not working reliably is no longer a problem as you simply > retreive those directly from the database over a seperate ip, no more > old-fashioned > bind related crap. tcp/zon

Re: Numbering nameservers and resolvers

Sven, On Aug 17, 2010, at 8:11 AM, Sven Olaf Kamphuis wrote: > this whole "you have to put 2 nameservers on two seperate subnets at two > different locations" seems a bit.. pre-1993 to me. > plus, why only 2, why not... 20 or so, all in different parts of the world > and let bgp handle the rest

Re: Numbering nameservers and resolvers

nowadays, i'd simply put them all on the same /24 which you simply announce on different pops tcp/zonetransfer not working reliably is no longer a problem as you simply retreive those directly from the database over a seperate ip, no more old-fashioned bind related crap. so 1 /24 prefix, wit

Re: Numbering nameservers and resolvers

On Mon, Aug 16, 2010 at 06:08:02AM -0700, Owen DeLong wrote: > On Aug 16, 2010, at 6:03 AM, Chris Adams wrote: > > Once upon a time, Patrick W. Gilmore said: > >> 1) Use different prefixes. A single prefix going down should not kill > >> your entire network. (Nameservers and resolvers being unre

Re: Numbering nameservers and resolvers

On Aug 16, 2010, at 9:03 AM, Chris Adams wrote: > Once upon a time, Patrick W. Gilmore said: >> 1) Use different prefixes. A single prefix going down should not kill >> your entire network. (Nameservers and resolvers being unreachable >> breaks the whole Internet as far as users are concerned.

Re: Numbering nameservers and resolvers

On 8/15/2010 11:49 PM, Mike wrote: Hi Folks, I am needing to renumber some core infrastructure - namely, my nameservers and my resolvers - and I was wondering if the collective wisdom still says heck yes keep this stuff all on seperate subnets away from eachother? Authoritative name servers sh

Re: Numbering nameservers and resolvers

In IPv6 you should be able to advertise up to /48 with no problem... Arie On Mon, Aug 16, 2010 at 4:03 PM, Chris Adams wrote: > Once upon a time, Patrick W. Gilmore said: > > 1) Use different prefixes. A single prefix going down should not kill > > your entire network. (Nameservers and resolv

Re: Numbering nameservers and resolvers

On Aug 16, 2010, at 9:03 AM, Chris Adams wrote: > Once upon a time, Patrick W. Gilmore said: >> 1) Use different prefixes. A single prefix going down should not kill >> your entire network. (Nameservers and resolvers being unreachable >> breaks the whole Internet as far as users are concerned.)

Re: Numbering nameservers and resolvers

On Aug 16, 2010, at 6:03 AM, Chris Adams wrote: > Once upon a time, Patrick W. Gilmore said: >> 1) Use different prefixes. A single prefix going down should not kill >> your entire network. (Nameservers and resolvers being unreachable >> breaks the whole Internet as far as users are concerned.

Re: Numbering nameservers and resolvers

Once upon a time, Patrick W. Gilmore said: > 1) Use different prefixes. A single prefix going down should not kill > your entire network. (Nameservers and resolvers being unreachable > breaks the whole Internet as far as users are concerned.) How do you do this in the IPv6 world, where I get a

Re: Numbering nameservers and resolvers

On 2010-08-16 08:49, Mike wrote: > Hi Folks, > >I am needing to renumber some core infrastructure - namely, my > nameservers and my resolvers - and I was wondering if the collective > wisdom still says heck yes keep this stuff all on seperate subnets away > from eachother? Anyone got advice ei

Re: Numbering nameservers and resolvers

For resolvers, I guess it would make sense to advertise them as /32s as dynamic prefixes coming from some SLB device... You can have multiple VIPs, each representing a different POP/network domain... Arie On Mon, Aug 16, 2010 at 9:49 AM, Mike wrote: > Hi Folks, > > I am needing to renumber so

Re: Numbering nameservers and resolvers

for authoritatuve servers, i try to have one on a very different backbone on a distant continent. i make deals with friends. there have been just too many failures where servers were in the same facility, or behind the same routing, or on a single backbone. see rfc 2182. for customer- and infra

Re: Numbering nameservers and resolvers

On 8/16/2010 2:49 AM, Mike wrote: from eachother? Anyone got advice either way? Should I try to give If you have a dedicated subnet for /32s (e.g., router loopback interfaces), i'd pick from there. if you eventually require geo-redundancy or want to load balance your queries, it's much neat

Re: Numbering nameservers and resolvers

On Sun, 15 Aug 2010 23:49:05 PDT, Mike said: > I am needing to renumber some core infrastructure - namely, my > nameservers and my resolvers - and I was wondering if the collective > wisdom still says heck yes keep this stuff all on seperate subnets away > from eachother? Anyone got advice eithe

Re: Numbering nameservers and resolvers

On Aug 16, 2010, at 12:49 AM, Mike wrote: > Hi Folks, > > I am needing to renumber some core infrastructure - namely, my nameservers > and my resolvers - and I was wondering if the collective wisdom still says > heck yes keep this stuff all on seperate subnets away from eachother? Anyone >

Re: Numbering nameservers and resolvers

Composed on a virtual keyboard, please forgive typos. On Aug 16, 2010, at 7:49, Mike wrote: > Hi Folks, > > I am needing to renumber some core infrastructure - namely, my nameservers > and my resolvers - and I was wondering if the collective wisdom still says > heck yes keep this stuff all

Numbering nameservers and resolvers

Hi Folks, I am needing to renumber some core infrastructure - namely, my nameservers and my resolvers - and I was wondering if the collective wisdom still says heck yes keep this stuff all on seperate subnets away from eachother? Anyone got advice either way? Should I try to give sequentia