the undiscussed and unannounced change to the default dns config to cause local transfer of the root and arpa zone files has raised major discussion in the dns operational community. (see the mailing list dns-operations@mail.oarc.isc.org).

did i miss the discussion here?

i have spent some hours turning off the default bind and going custom on a dozen or so machines around the planet. i am not happy.

what am i missing here?

randy
On Tue, 31 Jul 2007, Randy Bush wrote:

> the undiscussed and unannounced change to the default dns config to
> cause local transfer of the root and arpa zone files has raised major
> discussion in the dns operational community. (see the mailing list
> dns-operations@mail.oarc.isc.org).

How may viewing these mailing list postings be achieved?

Interested,
Ian.
Randy Bush wrote:

> the undiscussed and unannounced change to the default dns config to
> cause local transfer of the root and arpa zone files has raised major
> discussion in the dns operational community. (see the mailing list
> dns-operations@mail.oarc.isc.org).
>
> did i miss the discussion here?

No. There was none.

> i have spent some hours turning off the default bind and going custom on
> a dozen or so machines around the planet. i am not happy.
>
> what am i missing here?

I don't have an axe to grind. I don't run the default config on any of my 2 dozen name servers (not all of which run bind anyway) so I wasn't really affected by the change.

However, I thought it was a really, really, terrible idea, and a rather rude act considering it relies on the charity of others to not break. There is no requirement that FreeBSD users be permitted to slave the roots. Everyone who uses the default config can have their setups broken the day after installation.

We never asked permission to use the resources of others in this way, and they're not required to allow us to do so. It's rude to assume they'll allow it, and it's risky to not receive permission beforehand to ensure slaving the roots will continue to work after RELEASE.

The original commit message for the change indicated it was done to bring us in line with "current best practices" but that commit message is the only place I have ever seen anyone say that slaving the roots is current best practice.

Again, I don't have an axe to grind and I really don't want to get in the middle of a personal attack. I don't think the world will explode, and in reality, there will probably be no problems at all, but if there aren't, it's because of pure luck not good planning or decision making.

Microsoft makes much worse assumptions about the availability of the resources of others, but this is a Microsoft-ish decision, IMO. Just not a good plan.

--
Skip
Heiko Wundram (Beenic)
2007-Aug-01 11:19 UTC
default dns config change causing major poolpah
On Wednesday, 01 August 2007 13:07:27, Skip Ford wrote:

> <snip>

You might want to check the thread starting with:

<200707162319.41724.lofi@freebsd.org> ("Problems with named default configuration in 6-STABLE")

also on freebsd-stable, where quite some discussion on this topic already took place.

--
Heiko Wundram
Product & Application Development
Dag-Erling Smørgrav
2007-Aug-01 11:49 UTC
Randy Bush <randy@psg.com> writes:

> the undiscussed and unannounced change to the default dns config to
> cause local transfer of the root and arpa zone files has raised major
> discussion in the dns operational community. (see the mailing list
> dns-operations@mail.oarc.isc.org).

This is about on par with <unnamed network equipment manufacturer> selling SOHO routers that synchronize their clocks using stratum-1 NTP servers. It should be backed out with prejudice.

DES
--
Dag-Erling Smørgrav - des@des.no
Hi,

Regardless of the technicalities and politics, this change is obviously a major POLA violation which is a good enough reason to back it out.

--
Bob Bishop
+44 (0)118 940 1243
rb@gid.co.uk
fax +44 (0)118 940 1295