Sweeping Lame DNS Delegations A Proposal DNS OPS SIG APNIC 15, Taipei, Taiwan 26 February 2003
Download ReportTranscript Sweeping Lame DNS Delegations A Proposal DNS OPS SIG APNIC 15, Taipei, Taiwan 26 February 2003
Sweeping Lame DNS Delegations A Proposal DNS OPS SIG APNIC 15, Taipei, Taiwan 26 February 2003 Problem • 10-15% of all reverse DNS domains managed under APNIC are ‘lame’ – Lame DNS increase traffic to DNS root servers – Lame DNS inconveniences end users – Lame DNS inconveniences unrelated third parties • Fixing Lame DNS requires top-down coordination Proposal • APNIC uses domain: objects in whois to manage reverse DNS delegation – Changing domain object changes DNS • APNIC Secretariat is measuring and identifying lame DNS records already for statistical purposes – Proposed to add a ‘disable’ function to DNS zone generation – Mark Lame DNS domain: objects disabled – Notify Maintainer, permit re-enabling Details • 30 Day notice of LAME DNS status – Countdown timer – Countdown resets if DNS fixed – EMail to maintainer during 30 day window • At end, record marked disabled – Monthly reminder email to maintainer • Tests see ‘intermittent’ lame DNS – Only persistently lame disabled • Lame for 30 days or more Process to re-enable • Disable flag is extra Remark: field in domain object • To Re-enable, update whois domain: object to remove the Remark: field added by APNIC systems. • Domain object must meet normal DNS requirements when re-submitted – Minimum 2 nserver: entries, tested live Other RIRs • ARIN – Adopted similar mechanism, will be reviewed at ARIN-XI • LACNIC – Measure and record lame DNS daily, considering proposal to disable at next LACNIC meeting • RIPE-NCC – Measure only at this stage Reporting • Add standing report to DNS OPS SIG – Number of lame DNS records detected – Rate of disabling, re-enabling – Additional reports to IEPG, NANOG, SANOG etc • Coordination with other RIRs – May vary process timing, extend process • Review process in DNS-SIG – RIR and other modifications/proposals should be subject to DNS-SIG review Benefits of this proposal • Improved DNS services – Reduction of load on root DNS servers – Improved Internet connection times – Better logging of connections