On 26 Nov 2014, at 15:42, Paul Hoffman <paul.hoff...@vpnc.org> wrote:
> Greetings. Warren and I updated the draft a bit to reflect input from the WG, > and to add another configuration example (for Windows Server). I think the general problem space of how we distribute authoritative data to caches is well worth thought and investigation. The model "if you want good end-user performance, you need to anycast your authority servers all over the planet or pay someone to do it for you" is a poor one, no matter how much we enjoy it at Dyn. This document is thinking in that direction, but it is restricting itself to what is arguably the best-served DNS zone in the world, with the most spare capacity in its infrastructure, and which is least in need of improvement. Generally, I am against adding complexity without benefit. I continue to be concerned that slaving the root zone on (or near!) validators smells like a configure-and-forget project for some sysadmin who has since left the company, and the people left are only one firewall rule change away from weird troubleshooting nightmare. I agree that carefully documenting how this should be done is better than leaving those people with no documentation at all when they need it at 3am. I think the document is well-written and clear, but that it needs the risks (non-zero) and benefits (near-zero) to be clearly discussed, and to avoid any unwarranted suggestion that doing this is sensible in the general case. So... On 14 Nov 2014, at 15:40, Wes Hardaker <wjh...@hardakers.net> wrote: > Warren Kumari <war...@kumari.net> writes: > >> We are requesting a call for adoption of >> draft-wkumari-dnsop-root-loopback. > > Support adopting, but we will need to talk about careful wording of when > to use it and when not to. ... +1 to Wes' conditional support above. I will review, contribute text when not swamped by other things, etc. Joe _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
