80 likes | 209 Views
Sweeping Lame DNS Delegations A Proposal. DNS OPS SIG APNIC 15, Taipei, Taiwan 26 February 2003. Problem. 10-15% of all reverse DNS domains managed under APNIC are ‘lame’ Lame DNS increase traffic to DNS root servers Lame DNS inconveniences end users
E N D
Sweeping Lame DNS DelegationsA Proposal DNS OPS SIG APNIC 15, Taipei, Taiwan 26 February 2003
Problem • 10-15% of all reverse DNS domains managed under APNIC are ‘lame’ • Lame DNS increase traffic to DNS root servers • Lame DNS inconveniences end users • Lame DNS inconveniences unrelated third parties • Fixing Lame DNS requires top-down coordination
Proposal • APNIC uses domain: objects in whois to manage reverse DNS delegation • Changing domain object changes DNS • APNIC Secretariat is measuring and identifying lame DNS records already for statistical purposes • Proposed to add a ‘disable’ function to DNS zone generation • Mark Lame DNS domain: objects disabled • Notify Maintainer, permit re-enabling
Details • 30 Day notice of LAME DNS status • Countdown timer • Countdown resets if DNS fixed • EMail to maintainer during 30 day window • At end, record marked disabled • Monthly reminder email to maintainer • Tests see ‘intermittent’ lame DNS • Only persistently lame disabled • Lame for 30 days or more
Process to re-enable • Disable flag is extra Remark: field in domain object • To Re-enable, update whois domain: object to remove the Remark: field added by APNIC systems. • Domain object must meet normal DNS requirements when re-submitted • Minimum 2 nserver: entries, tested live
Other RIRs • ARIN • Adopted similar mechanism, will be reviewed at ARIN-XI • LACNIC • Measure and record lame DNS daily, considering proposal to disable at next LACNIC meeting • RIPE-NCC • Measure only at this stage
Reporting • Add standing report to DNS OPS SIG • Number of lame DNS records detected • Rate of disabling, re-enabling • Additional reports to IEPG, NANOG, SANOG etc • Coordination with other RIRs • May vary process timing, extend process • Review process in DNS-SIG • RIR and other modifications/proposals should be subject to DNS-SIG review
Benefits of this proposal • Improved DNS services • Reduction of load on root DNS servers • Improved Internet connection times • Better logging of connections