On 10/5/21 14:52, Joe Greco wrote:
That's not quite true. It still gives much better clue as to what is going on; if a host resolves to an IP but isn't pingable/traceroutable, that is something that many more techy people will understand than if the domain is simply unresolvable. Not everyone has the skill set and knowledge of DNS to understand how to track down what nameservers Facebook is supposed to have, and how to debug names not resolving. There are lots of helpdesk people who are not expert in every topic.
Having DNS doesn't magically get you service back, of course, but it leaves a better story behind than simply vanishing from the network.
That's great for you and me who believe in and like troubleshooting. Jane and Thando who just want their Instagram timeline feed couldn't care less about DNS working but network access is down. To them, it's broken, despite your state-of-the-art global DNS architecture. I'm also yet to find any DNS operator who makes deploying 3rd party resiliency to give other random network operators in the wild troubleshooting joy their #1 priority for doing so :-). On the real though, I'm all for as much useful redundancy as we can get away with. But given just how much we rely on the web for basic life these days, we need to do better about making actual services as resilient as we can (and have) the DNS. Mark.