tobold.org

correct • elegant • free

△ comp.protocols.tcp-ip.domains △

◅ Newbie DNS questions

Pitfalls for Firewall Cache-Only DNS ▻

off site secondaries

In article <313kmv$998@gap.cco.caltech.edu>, Glen A. Herrmannsfeldt
<gah@cco.caltech.edu> wrote:
>I believe that off site secondary nameservers are required as part
>of the internet standards, and that they are expected to have
>a different power source?

STD-13 (RFC-1034) says:

                                                                  By
    administrative fiat, we require every zone to be available on at least
    two servers, and many zones have more redundancy than that.

As far as I'm aware, this is the only *requirement*.

>I have seen a number of domains lately that don't seem to have
>any off site secondary.   One is a large state university,
>certainly large enough to have one.
>
>Does anyone really care about this?

We (PIPEX) care enough to insist that all our customers have at least
two permanently connected authoritative servers in separate locations
(usually them and us, or us and another service provider with whom we
have an agreement).

It's easy enough to set up that it's not worth *not* doing.  When you
have a disaster, do you really want to start worrying about what's
breaking because your zone has disappeared?  And if you have a major
disaster, it's trivial to turn a secondary into a primary before the
expire time ticks away.

One final thought: if you only have access to one side of the Great
Internet Divide (i.e. you're connected via NSFnet and don't have access
to the CIX; or you're connected via the CIX and haven't jumped through
the NSFnet AUP hoops) you'd be doing everyone a favour to find a
secondary that has access to both.

Tim.
--
Tim Goodwin        | If alt is the sewer of Usenet,
Public IP Exchange | com is the sewer of the DNS.

Original headers:

From: tim@pipex.net (Tim Goodwin)
Newsgroups: comp.protocols.tcp-ip.domains
Subject: Re: off site secondaries
Date: 27 Jul 1994 13:11:54 +0100
Organization: PIPEX, 216 Science Park, Cambridge, England
Message-ID: <315iua$og7@pipe.pipex.net>
References: <313kmv$998@gap.cco.caltech.edu>

△ comp.protocols.tcp-ip.domains △

◅ Newbie DNS questions

Pitfalls for Firewall Cache-Only DNS ▻