[Sysadmins] Eircom DNS
james at now.ie
Wed Jul 8 21:34:39 IST 2009
On 8 Jul 2009, at 16:49, Paul Jakma wrote:
> What user expertise is required, other than turning the machine on?
Timely updates to root hints. In the very near future timely updates
to root zone DNSSEC keys, other trust anchors (in case root signing
doesn't actually happen). Well behaved caches also run local zones or
otherwise suppress outbound queries for private-use/reserved/localhost
zones which are added to over time. That's just the care and
maintenance side of things.
I was more talking about expertise when things aren't working right.
If you're running your own resolver there isn't anyone to call when
your cache is poisoned, your EDNS0 buffer size is causing grief,
you're shafted by something upstream which blocks UDP messages > 512
bytes, mishandles fragments, barfs on pkts with CD/AD/DO set, sets TC
but doesn't do TCP, or any of the other things that go screwy.
Declan already mentioned the other side of the good hygiene argument,
that of sparing auth. servers from the thundering herd of every end
host bashing away for its own set of answers.
Time flies like an arrow. Fruit flies like bananas.
More information about the Sysadmins