Local Slave copy of root zone

Grant Taylor gtaylor at tnetconsulting.net
Tue Aug 21 15:53:41 UTC 2018


On 08/20/2018 11:06 PM, Doug Barton wrote:
> But that doesn't mean that slaving a zone, any zone, including the root, 
> is "dangerous." If slaving zones is dangerous, the DNS is way more 
> fragile than it already is.

Sorry, poor choice of words.

The last time I read the RFC discussing slaving the root zone stressed 
that it should only be done for localhost and / or a special config that 
could only impact the single host if (implying when) there was a 
problem, thus limiting the scope of negative impact.

I combined that and the potential unvalidated zone transfer allowing 
"corruption" and called it "dangerous".

I don't think there is anything dangerous about slave zone transfers at 
all.  I've been doing them for the better part of 20 years.

I think the "danger", if any, is the fact that the discussion was around 
the root zone and the potential impact of the blast radius if things 
went wrong.  Namely all client machines that used the DNS server in 
question.

> The DNSSEC validation errors that Tony references are self-healing, in 
> that if the validating resolver stops validating things, the operator is 
> hopefully going to notice that, and take steps to fix it.

Sadly, the small user base that I've had has been more likely to not 
tell me about problems and live with things or change things to use 
other servers without providing that desired ~> needed feedback loop.

> I am certainly open to the new mirror zone software doing awesome 
> things, don't get me wrong. But don't call something "dangerous" that 
> lots of people have already been using successfully for over 15 years.

Sorry for the poor choice of words.



-- 
Grant. . . .
unix || die

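For reference, the localhost-only arrangement the RFC discussion above refers to looks roughly like this in BIND. This is an added example, not configuration posted in the thread; the master addresses are assumed to be AXFR-capable root servers and should be checked against the current RFC 7706 / RFC 8806 list before use.

```conf
// Added example: slave copy of the root zone served only on loopback,
// so a stale or bad transfer can affect this one host and nothing else.
options {
    directory "/var/named";
    listen-on      { 127.0.0.1; };   // never expose the copy to other clients
    listen-on-v6   { ::1; };
    allow-query    { 127.0.0.1; ::1; };
    allow-transfer { none; };        // do not re-serve the zone to anyone
    recursion yes;
    dnssec-validation auto;          // keep validating: a corrupted copy
                                     // then fails closed (SERVFAIL) rather
                                     // than handing out bogus answers
};

zone "." {
    type slave;
    file "rootzone.db";
    notify no;
    masters {
        // Assumed AXFR-capable root servers (verify against the RFC list)
        192.33.4.12;    // c.root-servers.net
        192.5.5.241;    // f.root-servers.net
        193.0.14.129;   // k.root-servers.net
    };
};
```

After loading, `named-checkconf` and `dig @127.0.0.1 . SOA +dnssec` confirm that the copy is served and that validation is still happening; watching for SERVFAIL on root lookups in the logs gives the feedback loop mentioned above instead of relying on users to report it.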