If I wanted to put my nameservers on the same network but route to them through VPNs, tunnels, or whatevers*, it would be up to me to ensure their reachability. First, let's not give InterNIC more power -- they already abuse that which they have. Second, let's not confuse DNS (and DNS stewards) with routing, and addressing. The latter two are operational, NANOG issues, and important. The former, well, let's just call it a sad case of session layer taking down a country ;-) Ehud *whatevers -- whatever your vendor calls your solution to whatever
Most "real" providers have diverse nameservers. For them,
Correct. But diverse announcements are neither a necessary nor sufficient condition for diverse namespace. And given you can't (in Europe anyway) get diverse announcements from day one, and you said...
IMHO, the internic should not allow any domains to have pri+sec nameserver in the same /24
...your proposal would exclude people with valid subnetting plans but no diverse announcements who wish to register new Internic names. Given Internic's current situation with lame delegation, I think this is the least of their problems.
If you wanted to fix this correctly, you could find the penultimate hop to each nameserver, and check they were different. This would seem to be closer to what you are intending to achieve.
-- Alex Bligh GX Networks (formerly Xara Networks)