(speaking not as chair but DNS operator) At the last OARC, my co-worker did a lightning talk on his deployment of MetaZones ( https://indico.dns-oarc.net/event/27/session/7/contribution/39/material/slides/0.pdf )
He attempted to contact the authors of the catalog-zones draft (as did I) to talk about why this draft has some deficiencies. but never heard back. I felt this metazone work (which we are efforting to open source through our employer) should be given a deeper look. The main problem I see is your exmaples always talk of "1 Primary DNS Server and 1 (or more) DNS Secondary servers" I would argue this is a severely outdated operational view, and to me feels that you are out of touch with what operators are actually deploying these days. Tim (again as myself) On Sat, Mar 10, 2018 at 1:46 PM, Tony Finch <d...@dotat.at> wrote: > Mukund Sivaraman <m...@isc.org> wrote: > > > We settled on using a zone representation as it used existing zone > > transfer protocol (and authorizations) and would involve minimal changes > > for both implementations and operations vs. inventing a new protocol. > > I want to emphasize this point. > > In my previous job running MXs it was amazingly easy to do in-band SMTP > call-forward address verification - one configuration was able to verify > addresses at dozens of departmental mail servers with all sorts of > different configurations. Trying to talk to each department's LDAP service > (if they had one) would have been a nightmare. > > In my current job, I can provide a catalog zone and a bit of configuration > advice to make it much simpler for my colleagues to run stealth > secondaries - no need for them to adjust firewalls or scripts etc. > > Tony. > -- > f.anthony.n.finch <d...@dotat.at> http://dotat.at/ - I xn--zr8h > punycode > Fair Isle, Faeroes, Southeast Iceland: Easterly or northeasterly 5 to 7, > occasionally gale 8 in Fair Isle. Moderate or rough, occasionally very > rough > later. Rain or showers. Good, occasionally poor. > > _______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www.ietf.org/mailman/listinfo/dnsop >
_______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
