I've changed the subject line because, if this turns into a discussion, it will be a different one...

--On Wednesday, 12 December, 2007 22:22 -0800 Dave Crocker <dhc2@xxxxxxxxxxxx> wrote:

>...
> 2. If the machines the DNS entries point to are, themselves, a
> single point of failure, it's not clear how much difference it
> really makes to have the DNS servers distributed.

AFAIK, this is part of a long-standing discussion in the IETF and the broader community. One view is the one I think you are stating above, i.e., if the services cannot be reached and used, then it doesn't make any difference whether the DNS records are accessible or not. The other is that knowing that the hosts exist (i.e., that one did not commit a typing or memory error) is useful information even if the services cannot be reached, and that the original DNS recommendations about no fate sharing remain reasonable and valid. If anything, that recommendation becomes more important in these days in which various entities feel free to snag failed DNS queries and divert the responses to point to places of their choosing.

IMO, it would be really helpful if relevant WGs or other groups concerned with DNS operations and configurations would take the question up again, review it, and make some sort of definitive contemporary statement (even if that were only "it depends" with an explanation of the tradeoffs).

john