override ttl=0
Bill Larson
wllarso at swcp.com
Fri Jan 4 03:34:43 UTC 2008
On Jan 3, 2008, at 7:15 AM, Stephane Bortzmeyer wrote:
> Remember: the one who takes the decision (using TTL=0) is not the one
> who pays for it (in terms of larger work for the recursor). So, it
> seems reasonable that the persons who pay have some sort of control.
You are implying that the end user is the one who pays for an
administrator setting their TTL=0. I would argue that it is actually
the reverse. The hosting system will be hit much harder due to this
low TTL value, which also implies that their network is going to be
hit harder. And, if their server and network cannot support the
load, then their targeted end users will stop using the services
because things are slow.
So, an administrator that uses a zero TTL may possibly be hurting
themselves. Just another way to look at this problem.
Now, another question. Is it the responsibility of DNS
administrators to "fix" problems caused by other people? I view
attempting this as a death spiral into the toilet. A "fix" here
breaks a properly working situation there requiring another fix
causing another break... When does it stop? In my opinion, by never
trying to "fix" a systemic problem at any point other than the
original source.
As to "chasing the uneducated admins to educate them", yes people do
this. A user attempting to use one of these misconfigured systems,
after talking to the local DNS admin to learn what the problem is,
can contact someone providing the service that they want and inform
them that they can't use their service until their configuration is
corrected. If a user feels that the service is important, they will
be willing to contact the service provider to tell them that there is
a problem. The alternative is to not be able to use the service
provided.
I suspect that all of us, readers of the BIND-USERS list, have done
this, as users, at one time or another.
But, the original poster was referring to a problem with a particular
piece of hardware, not a software configuration. So, in this
situation, I would strongly suggest that they refer this whole thread
to Cisco, the hardware developer/manufacturer, for a solution. To
quote Cisco's web page on this product:
> NAT-PT is an interoperability solution that does not require any
> modifications or extra software, such as dual stacks, to be
> installed on any end user host of either IPv4 or IPv6 networks
Well, if the use of this product requires a modification of BIND,
then this statement is incorrect. It needs to be corrected. Or
maybe the network implementation using NAT-PT is incorrectly designed
and Cisco may be able to assist in providing a proper implementation.
Bill