Domain Not Resolving

[Reindl Harald]

Am 22.11.2017 um 15:02 schrieb Ray Bellis:
> On 21/11/2017 17:30, Reindl Harald wrote:
> 
>> because of https://www.iana.org/help/nameserver-requirements and he
>> should not have allowed this setup at all because "Minimum number of
>> name servers - There must be at least two NS records listed in a
>> delegation, and the hosts must not resolve to the same IP address"
>>
>> and the next paragraph makes it clear that even a second machine in the
>> same subnet is not enough for obvious reasons
>>
>> Network diversity
>> The name servers must be in at least two topologically separate
>> networks. A network is defined as an origin autonomous system in the BGP
>> routing table. The requirement is assessed through inspection of views
>> of the BGP routing table
> 
> Those requirements are the ones that apply to delegations in the root zone.

every registry i know enforces that points too based on 
https://tools.ietf.org/html/rfc1034 and "A given zone will be available 
from several name servers to insure its availability in spite of host or 
communication link failure. By administrative fiat, we require every 
zone to be available on at least two servers, and many zones have more 
redundancy than that" and when one thinks that RFC's are just a "request 
for comment".. well..

i have even seen requirements of 3 nameservers while it's common sense 
that when you need to have two that it's pointless using the same 
machine as well as it's pointless have two MX records pointing to the 
same IP

additionally: by common sense both should use zone-transfers instead 
copy zone-files because errors in the zonefile would not bring down the 
slave (many errors like "CNAME and others" simply let not start named at 
reboot)

> As it is, the topology test is broken because it doesn't account for an
> Anycast configuration where multiple sites share the same origin ASN
> even though they're connected via completely different AS paths

different topic