On 8/31/2006 at 8:22 AM, <Michael.Dillon@btradianz.com> wrote: [snip]
An ISP could run a modified DNS relay that replicates all responses to a special cache server which does not time out the responses and which is only used to answer queries when specified domains are unreachable on the Internet.
For instance, if you specified that all .es responses were to be replicated to the cache and that your DNS relay should divert queries to the cache when .es nameservers are *ALL* unreachable, then the impact of this type of outage is greatly reduced. You could specify important TLDs to be cached this way as well as important domains like google.com and yahoo.com. The actual data cached would only be data that *YOUR* customers are querying anyway. In fact, you could specify that any domain which receives greater than x number of queries per day should be cached in this way.
From what I've inferred from some other comments about the failure, it seems that the DNS servers were not unreachable or otherwise unavailable, but rather that the .es zone data was corrupted.
Such a failure wouldn't trip the backup system you describe. How does an automated system tell the difference between a "real" NXDOMAIN and a erroneous one? It would take human intervention to turn it on in many potential failure modes. How much of a window is there where the ISP can positively identify a failure and start up their backup before the TLD, or whatever external DNS entity, gets its own act together? -- Crist J. Clark crist.clark@globalstar.com Globalstar Communications (408) 933-4387 BĀ¼information contained in this e-mail message is confidential, intended only for the use of the individual or entity named above. If the reader of this e-mail is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any review, dissemination, distribution or copying of this communication is strictly prohibited. If you have received this e-mail in error, please contact postmaster@globalstar.com