-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 26 Sep 2006, at 18:00, Justizin wrote:
Do you know how DNS works? Slaves don't just ask for a transfer
willy-
nilly. Slaves are known to the primary and they get told when to ask.
I'm not sure this is correct. We should investigate before insulting
each other's intelligence.
This is exactly how it has correctly worked for me for years working
with bind-based nameservers. You can always set up "rogue"
secondaries that purport to serve zope.org, which then would have to
be allowed to manually pull zone data, but what would be the point of
that..?
It's a sad logical fallacy for you to state that because you have
never seen this problem, it does not exist. I spent nearly three
years as an engineer at one of the world's largest provider of managed
internet services, and I can tell you that NS.RACKSPACE.COM and
NS2.RACKSPACE.COM are hit multiple times a year by 8MB/s or greater
DDoS attack.
This was in a datacenter with 9GB/s of bandwidth via multiple OC-48
connections.
Sorry, I don't buy your argument. First of all, big companies like
Rackspace will always be an attractive target. We're talking about
one piddling open source project here. Secondly, you're omitting the
need for economy/sanity. Rackspace has a strong economical need to be
up 24/7. Yes, you could put 20 secondaries into the zope.org DNS
structure, but what is the point? You will never need that capacity
in your life. 3 total is plenty. With 20 secondaries you also have 20
cats to herd, meaning 20 people who own and manage those secondaries.
jens
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
iD8DBQFFGVBVRAx5nvEhZLIRAgIgAKCBWRVa9MUwVxi+sweMumRR7Cz/uACfWPzI
ZtTvQXT+wsDwsKPODXmMXbk=
=rK4u
-----END PGP SIGNATURE-----
_______________________________________________
Zope-web maillist - Zope-web@zope.org
http://mail.zope.org/mailman/listinfo/zope-web
