Re: RFC 2182 considered harmful

["D. J. Bernstein" <djb@cr.yp.to>]

Let's see if we can come to agreement on the nyu.edu example.

Brian Wellington writes:
> Sure looks like different networks.

It's not. All the addresses are on the NYU network. They all go through
the same gateway, namely nyugwa-fa1-0-0.nyu.net.

RFC 2182 says that secondary servers ``must be placed at both
topologically and geographically dispersed locations on the Internet.''
The NYU servers are neither topologically nor geographically dispersed.

Can we agree that RFC 2182 strongly and clearly recommends against what
NYU is doing?

> How about MX records pointing to an off-site backup mail server?

There don't seem to be any of those in the nyu.edu network.

> Recovery from transient failures?

What are you talking about? Have you fallen for the myth that mail will
bounce when all DNS servers are unreachable? It's simply not true.

Are there any other alleged benefits of third-party nyu.edu DNS servers?

> An unnecessary point of failure?  How?

Security viewpoint: See my recent bugtraq message on the 200 computers
that are currently authorized to take over *.com.

Reliability viewpoint: Is the third-party server running reliable
software? The Linux filesystem can corrupt the zone file if the power
goes out at the wrong moment. I'm also told that old versions of BIND
could truncate zone files.

Efficiency viewpoint: Users would see annoying delays more often than
they do now---unless all the third-party outages align perfectly with
NYU outages.

Other, more predictable, costs of adding a third-party server:

   * It takes time and effort to locate a suitable third party and set
     up zone transfers.

   * It takes more time and effort to track changes in the name or IP
     address of the third-party server.

   * It takes even more time and effort to arrange for fast propagation
     of an urgent change.

So far there's no evidence of any benefits, let alone benefits that
outweigh these costs.

---Dan