Hash: SHA1

On 26 Sep 2006, at 18:00, Justizin wrote:
Do you know how DNS works? Slaves don't just ask for a transfer willy-
nilly. Slaves are known to the primary and they get told when to ask.

I'm not sure this is correct.  We should investigate before insulting
each other's intelligence.

This is exactly how it has correctly worked for me for years working with bind-based nameservers. You can always set up "rogue" secondaries that purport to serve zope.org, which then would have to be allowed to manually pull zone data, but what would be the point of that..?

It's a sad logical fallacy for you to state that because you have
never seen this problem, it does not exist.  I spent nearly three
years as an engineer at one of the world's largest provider of managed
internet services, and I can tell you that NS.RACKSPACE.COM and
NS2.RACKSPACE.COM are hit multiple times a year by 8MB/s or greater
DDoS attack.

This was in a datacenter with 9GB/s of bandwidth via multiple OC-48 connections.

Sorry, I don't buy your argument. First of all, big companies like Rackspace will always be an attractive target. We're talking about one piddling open source project here. Secondly, you're omitting the need for economy/sanity. Rackspace has a strong economical need to be up 24/7. Yes, you could put 20 secondaries into the zope.org DNS structure, but what is the point? You will never need that capacity in your life. 3 total is plenty. With 20 secondaries you also have 20 cats to herd, meaning 20 people who own and manage those secondaries.


Version: GnuPG v1.4.1 (Darwin)

Zope-web maillist  -  Zope-web@zope.org

Reply via email to