On 6/13/2010 14:59, Joe Greco wrote:
What happens? The master zone simply doesn't get updated until someone FedEx's a floppy. You know, some of us made these sorts of contingency plans long ago, back in days when the Internet actually wasn't all that reliable, and it wasn't completely unthinkable to be off the air for at least 24 hours.
Interesting plan.
I've got a Gateway computer downstairs that can write a 3.5 inch floppy and a Micron tower (running Windows 2000 the last time it was powered up) that can write 5 inch floppies.
If we want to be pedantic, Sony this year announced that it is shutting down its production of floppy disks by next year. Of course, the choice of "floppy disk" is irrelevant, and I'm guessing you know it. If your devices are more comfortable with CD-ROM or USB MicroSD readers, then by all means. Long before NANOG, there was actually a time that some of us hauled around things like USENET on magnetic media, because it was simply the highest bandwidth yet cheapest method to haul large amounts of data around the city, back when a Telebit Trailblazer was still vaguely able to cope with a USENET feed - and for a little while thereafter.
When I left active administration in 2003, out of 30 or so machines running BIND I can't recall one that has a floppy drive of any sort.
If your network has been so thoroughly taken over that you cannot hope to get a file from a computer that does have a floppy over to your DNS server, you have Much Bigger Problems to begin with...
It's not that rough, these days, to install some monitoring to make sure that your zones are up to date on the secondaries and that they resolve names correctly; some operators used to even get really super-freakazoid and do zone transfers back to allow verification. Here, we draw the line at checking the SOA's for consistency and checking one other beacon record for resolvability. That's clearly not a solution aimed at warning about non-transferable zones; it raises some interesting questions. Think maybe I'll go asking on dnsops what, if anything, people do to monitor.
"monitor" implies connectivity. The OP was about the possibility that the government would deny you connectivity. Please try to stay on topic.
Our monitoring systems are definitely able to detect when connectivity goes away. What happens if and when that happens is generally left up to a human to decide. The sorts of brokenness that one might potentially discover if the government were to corrupt connectivity are much more complex than simple on/off; I feel comfortable saying that the best plan is to have diversity of resources and some in-depth knowledge, since that also serves normal engineering needs well.

... JG
--
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I won't contact you again." - Direct Marketing Ass'n position on e-mail spam (CNN)
With 24 million small businesses in the US alone, that's way too many apples.
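The SOA-consistency and beacon-record check mentioned in the message above, sketched as an added example that is not part of the original thread. The sample lines are constructed in the style of `dig +nssearch` output, the beacon answers are assumed to have been collected per server beforehand, and all function names are hypothetical.

```python
import re

# Constructed sample in the style of `dig +nssearch` output (documentation addresses).
SAMPLE = """\
SOA ns1.example.net. hostmaster.example.net. 2010061302 7200 3600 1209600 3600 from server 192.0.2.1 in 3 ms.
SOA ns1.example.net. hostmaster.example.net. 2010061302 7200 3600 1209600 3600 from server 198.51.100.7 in 21 ms.
SOA ns1.example.net. hostmaster.example.net. 2010061101 7200 3600 1209600 3600 from server 203.0.113.9 in 40 ms.
"""

SOA_LINE = re.compile(r"^SOA\s+\S+\s+\S+\s+(\d+)(?:\s+\d+){4}\s+from server\s+(\S+)")

def parse_soa_lines(text):
    """Return {server: serial} for every SOA line that parses."""
    out = {}
    for line in text.splitlines():
        m = SOA_LINE.match(line.strip())
        if m:
            out[m.group(2)] = int(m.group(1))
    return out

def serial_gt(a, b):
    """RFC 1982 comparison: True if serial a is newer than b (32-bit wraparound)."""
    return a != b and ((a - b) & 0xFFFFFFFF) < 0x80000000

def check_zone(serials, master, servers, beacon_answers, beacon_expected):
    """Return a list of (server, problem) findings; an empty list means consistent."""
    if master not in serials:
        return [(master, "no SOA answer from master")]
    findings = []
    for srv in servers:
        if srv not in serials:
            findings.append((srv, "no SOA answer"))
        elif serial_gt(serials[master], serials[srv]):
            findings.append((srv, "stale serial %d" % serials[srv]))
        elif serial_gt(serials[srv], serials[master]):
            findings.append((srv, "serial ahead of master"))
        # Beacon record: one known name that every server must answer identically.
        if beacon_answers.get(srv) != beacon_expected:
            findings.append((srv, "beacon record wrong or unresolved"))
    return findings

if __name__ == "__main__":
    serials = parse_soa_lines(SAMPLE)
    beacons = {srv: "192.0.2.80" for srv in serials}  # constructed beacon answers
    for srv, problem in check_zone(serials, "192.0.2.1", sorted(serials), beacons, "192.0.2.80"):
        print(srv, problem)
```

A stale serial on one secondary is the symptom of a zone that has stopped transferring; whether that is an outage or interference is, as the message says, left to a human.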