Duties of a DNS admin.

Tue Jul 17 03:52:46 UTC 2001

Both the integrity/quality of the DNS data, and the reliability and performance
of the DNS infrastructure, should be important to an organization. I think at
least part of the problem here is taking an imprecise label -- "DNS Admin" --
and expecting that label to stretch to cover both/all aspects of DNS. Around
here, we are somewhat stratified -- I and my group deal with DNS architecture
and the DNS-specific software which actually runs DNS (BIND) and the homegrown
stuff which is used to maintain DNS data and monitor nameserver operation. But
other groups support the OS on the nameservers, and yet other groups support
the hardware. As for data-entry, that's mostly delegated out to various groups,
based on what kind of device the DNS name refers to (Telecom folks maintain
names for network gear like hubs/switches/routers/etc., the Server Group
maintains names for Unix and NT servers, the Office Automation group maintains
names for file servers and LAN-attached printers, etc.). For an ISP, there's
probably less of a call for divvying up the data-entry part among various
groups, although allowing the customer to be able to maintain their own zone
data -- with a ton of hand-holding, sanity-checking and failsafes, of course --
would probably be the closest parallel.

I realize that such a degree of stratification and/or delegation may not work
for all organizations, and it *does* require good communication between the
groups in order to pull off, but I do urge you to consider the possibility that
most of the issue here stems from the imprecision of the "DNS Admin" label, and
the sometimes-rather-artificial organizational lines which are drawn. It may
not be a fundamental difference in your respective approaches to supporting and
maintaining DNS, or in your respective estimations of what it actually takes to
successfully implement DNS in an organization.

- Kevin

Duane Powers wrote:

> Robert L. Yelvington wrote:
>
> > I second Mr. Knowles request for a summary...I'd be in interested to know.
> >
> > Kind regards,
> > ~Rob
> >
> >
> > on 7/11/01 12:17 PM, Brad Knowles at brad.knowles at skynet.be wrote:
> >
> >
> >>At 11:08 AM -0700 7/11/01, Duane Powers wrote:
> >>
> >>
> >>>To all who replied, thanks much for your time and assistance.
> >>>
> >>Do you care to summarize the responses you got, so that we can
> >>get an idea of what the consensus is amongst some people from this
> >>list?
> >>
> >
>
> Sorry for the delay. I was traveling from Texas back to CA, so I didn't
> get to check my mail rapidly enough.
>
> I basically only received a few responses, the majority of which
> indicated that the dns administrators job is much more unix based, and
> not so much the data entry - here's a quote:
> "We take care of all functions of our DNS environment, boxes, zones,
> registrations, everything.....Anyone can sit there and do data entry,
> that is the easy part of DNS administration."
> MK
>
> I got a link to check  - which i haven't done yet
>
> http://www.usenix.org/sage/jobs/jobs-descriptions.html
>
> provided by G. Roderick Singleton, and I got a pretty good email about
> being a dns/sendmail admin from which I'll quote:
> "DNS and Sendmail are not rocket science applications, but both are
> mission critical. The discussion you are having with your  counter part,
> is one that goes on with-in all IT departments.  I believe its the duty
> of the department to set standards that one or more people have the
> flexibility to do it all.
>
> That way it (hopefully) gets done right.
> jda "
>
> This would definitely seem to be a thread that could use more input,
> from some of the more experienced admnins on the list (more than me,
> that is) as there is some pretty obvious interest on the topic. I've
> received three requests to forward the information received to others.