[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Numbering nameservers and resolvers
- Subject: Numbering nameservers and resolvers
- From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks at vt.edu)
- Date: Mon, 16 Aug 2010 03:14:53 -0400
- In-reply-to: Your message of "Sun, 15 Aug 2010 23:49:05 PDT." <[email protected]>
- References: <[email protected]>
On Sun, 15 Aug 2010 23:49:05 PDT, Mike said:
> I am needing to renumber some core infrastructure - namely, my
> nameservers and my resolvers - and I was wondering if the collective
> wisdom still says heck yes keep this stuff all on seperate subnets away
> from eachother? Anyone got advice either way
Microsoft used to have all their DNS servers on one /24. Nine years later,
you can still use Google on just 'microsoft dns server failure subnet' and
find this on the second page of over a million hits:
http://www.wired.com/techbiz/media/news/2001/01/41423
(OK, so our local resolvers are in one /24, but it's a bridged VLAN across our
entire campus, the servers are physically in buildings several miles apart, and
if you can't reach at least one of them, it probably means our campus core
network is hosed enough that you're not going to do anything with a DNS
response anyhow... Our authoritative servers are split across 2 different AS's
in 2 different states.)
Whatever gave you the idea that collective wisdom could *possibly* have
moved away from "spread it out as far as you can to avoid single points of
failure"?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20100816/04ec85ce/attachment.bin>