Sweeping Lame DNS Delegations A Proposal
-
Upload
beck-russell -
Category
Documents
-
view
32 -
download
1
description
Transcript of Sweeping Lame DNS Delegations A Proposal
![Page 1: Sweeping Lame DNS Delegations A Proposal](https://reader035.fdocuments.in/reader035/viewer/2022071718/56812eae550346895d945204/html5/thumbnails/1.jpg)
Sweeping Lame DNS DelegationsA Proposal
DNS OPS SIG
APNIC 15, Taipei, Taiwan
26 February 2003
![Page 2: Sweeping Lame DNS Delegations A Proposal](https://reader035.fdocuments.in/reader035/viewer/2022071718/56812eae550346895d945204/html5/thumbnails/2.jpg)
Problem
• 10-15% of all reverse DNS domains managed under APNIC are ‘lame’– Lame DNS increase traffic to DNS root
servers– Lame DNS inconveniences end users– Lame DNS inconveniences unrelated
third parties
• Fixing Lame DNS requires top-down coordination
![Page 3: Sweeping Lame DNS Delegations A Proposal](https://reader035.fdocuments.in/reader035/viewer/2022071718/56812eae550346895d945204/html5/thumbnails/3.jpg)
Proposal
• APNIC uses domain: objects in whois to manage reverse DNS delegation– Changing domain object changes DNS
• APNIC Secretariat is measuring and identifying lame DNS records already for statistical purposes– Proposed to add a ‘disable’ function to DNS
zone generation– Mark Lame DNS domain: objects disabled– Notify Maintainer, permit re-enabling
![Page 4: Sweeping Lame DNS Delegations A Proposal](https://reader035.fdocuments.in/reader035/viewer/2022071718/56812eae550346895d945204/html5/thumbnails/4.jpg)
Details
• 30 Day notice of LAME DNS status– Countdown timer– Countdown resets if DNS fixed– EMail to maintainer during 30 day
window
• At end, record marked disabled– Monthly reminder email to maintainer
• Tests see ‘intermittent’ lame DNS– Only persistently lame disabled
• Lame for 30 days or more
![Page 5: Sweeping Lame DNS Delegations A Proposal](https://reader035.fdocuments.in/reader035/viewer/2022071718/56812eae550346895d945204/html5/thumbnails/5.jpg)
Process to re-enable
• Disable flag is extra Remark: field in domain object
• To Re-enable, update whois domain: object to remove the Remark: field added by APNIC systems.
• Domain object must meet normal DNS requirements when re-submitted– Minimum 2 nserver: entries, tested live
![Page 6: Sweeping Lame DNS Delegations A Proposal](https://reader035.fdocuments.in/reader035/viewer/2022071718/56812eae550346895d945204/html5/thumbnails/6.jpg)
Other RIRs
• ARIN– Adopted similar mechanism, will be
reviewed at ARIN-XI
• LACNIC– Measure and record lame DNS daily,
considering proposal to disable at next LACNIC meeting
• RIPE-NCC– Measure only at this stage
![Page 7: Sweeping Lame DNS Delegations A Proposal](https://reader035.fdocuments.in/reader035/viewer/2022071718/56812eae550346895d945204/html5/thumbnails/7.jpg)
Reporting
• Add standing report to DNS OPS SIG– Number of lame DNS records detected– Rate of disabling, re-enabling– Additional reports to IEPG, NANOG,
SANOG etc
• Coordination with other RIRs– May vary process timing, extend process
• Review process in DNS-SIG– RIR and other modifications/proposals
should be subject to DNS-SIG review
![Page 8: Sweeping Lame DNS Delegations A Proposal](https://reader035.fdocuments.in/reader035/viewer/2022071718/56812eae550346895d945204/html5/thumbnails/8.jpg)
Benefits of this proposal
• Improved DNS services– Reduction of load on root DNS servers– Improved Internet connection times– Better logging of connections