RE: How (un)common is lack of DNS server diversity?
From: woods@weird.com [mailto:woods@weird.com]
Sent: Saturday, January 27, 2001 3:38 PM
Subject: RE: How common is lack of DNS server diversity?
[ On Saturday, January 27, 2001 at 14:40:39 ( -0800), Roeland Meyer wrote: ]
Then, how do you intelligently talk about the other entities I bring up?
An "authoritative nameserver" is, well, an authoritative nameserver. Nothing more, nothing less. If it's registered (in the parent zone, or the root cache/hints file in the case of a top level zone) but it's not actually answering authoritatively (but it is answering) then it's considered to be "lame".
Actually, in /bind/contrib, there are programs to chase down and email hostmaster of lame servers. They are considered not-acceptable. BIND also err-logs these, explicitly.
Everything else describes the relationship of the zone to the root (eg. "top level domain", "second level domain", etc.).
People who want to ascribe some meaning to who's responsible for shared top (or sometimes second) level zones talk about "global top level domains" and "country code top level domains" or maybe "second level country code domains", though none of these descriptions are technically meaningful in any way whatsoever -- they simply ascribe administrative descriptions to ordinary top level (or maybe second level) domain names.
What more could you possibly need!?!?!?!?
That's overly simplistic. Put a recursive SLD server up and see how fast the cache gets munged.
The only confusing terms that have been used repeatedly everywhere and by most everyone at one time or another are "primary" and "secondary" nameservers (especially when they give the impression that there's only one "secondary" nameserver). The new BIND documentation suggests the much better terms "master" and "slave". There's only one master, and it might not even be registered or visible (though BIND's named will complain if the master listed in the SOA isn't also listed as one of the NS records). There can be many slaves, and not all of them need to be registered or visible either. Both the master and all of the slaves will always answer authoritatively (at least to anyone who can reach them and who they permit to query them). Either way if they're listed in publicly visible NS records, either in their parent zone, or within the zone, they'd damn well better answer authoritatively!
Agreed.
This is not rocket science -- it's very very very simple stuff! Anyone comfortable with keeping lists of things and understanding hierarchical relationships between those lists can do DNS in their sleep once they learn a half dozen very simple rules.
I can almost agree. But the existence proof against this point is the ICANN.
I believe the reason that Internet DNS is in such a sorry state is literally because it is so boringly simple yet particular about the tiny details that only an accountant-type personality would care about. We need more accountants to do the DNS! :-)
Interesting that you bring up accountancy, there is a fair amount of $$$ involved here.
participants (1): Roeland Meyer
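The "lame" definition discussed in the message above (a server that is listed in NS records and answers, but not authoritatively), as an added example that is not part of the original thread or of the BIND contrib programs it mentions. The host names, query ID and response bytes are constructed samples, and only the 12-byte DNS header is inspected.

```python
import struct

# DNS header flag bits (RFC 1035, section 4.1.1)
QR, AA, RCODE_MASK = 0x8000, 0x0400, 0x000F

def encode_qname(name):
    """Encode a domain name as length-prefixed labels."""
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def make_response(qid, zone, aa, rcode):
    """Constructed sample reply to an SOA query: header plus question only."""
    flags = QR | (AA if aa else 0) | rcode
    header = struct.pack("!HHHHHH", qid, flags, 1, 0, 0, 0)
    return header + encode_qname(zone) + struct.pack("!HH", 6, 1)  # SOA, IN

def classify(response, qid):
    """Classify one delegated server from its reply to an SOA query."""
    if response is None:
        return "unreachable"      # no answer at all: down, not lame
    if len(response) < 12:
        return "invalid"          # shorter than a DNS header
    rid, flags = struct.unpack("!HH", response[:4])
    if rid != qid or not flags & QR:
        return "invalid"          # not a reply to our query
    if flags & AA and (flags & RCODE_MASK) == 0:
        return "authoritative"    # NOERROR with the AA bit set
    return "lame"                 # it answered, but not authoritatively

def lame_servers(delegated, responses, qid):
    """Return the delegated servers that answer without authority."""
    return sorted(ns for ns in delegated
                  if classify(responses.get(ns), qid) == "lame")

# Constructed sample data: four servers listed in the parent zone's NS set.
SAMPLE_QID = 0x1A2B
SAMPLE_ZONE = "example.com"
SAMPLE_DELEGATED = ["ns1.example.com", "ns2.example.com",
                    "ns3.example.com", "ns4.example.com"]
SAMPLE_RESPONSES = {
    "ns1.example.com": make_response(SAMPLE_QID, SAMPLE_ZONE, True, 0),
    "ns2.example.com": make_response(SAMPLE_QID, SAMPLE_ZONE, False, 0),  # cached answer
    "ns3.example.com": make_response(SAMPLE_QID, SAMPLE_ZONE, False, 5),  # REFUSED
    # ns4.example.com never replied
}

if __name__ == "__main__":
    for ns in SAMPLE_DELEGATED:
        print(ns, classify(SAMPLE_RESPONSES.get(ns), SAMPLE_QID))
```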