Re: [DNSOP] Terminology: "primary master"

Tony Finch <dot@dotat.at> Thu, 23 November 2017 17:44 UTC

Joe Abley <jabley@hopcount.ca> wrote:
>
> In that sense the idea of using a single master (which I think is
> implied by "primary master" and a name published in a single MNAME
> field) is defensibly archaic.

It's quite difficult to have multiple masters and DNSSEC and coherent
copies of the zone from all masters - i.e. more effort than just spinning
up parallel instances of BIND or Knot in automatic signing mode. The
downstream xfer clients will get horribly muddled if you don't spend the
effort to ensure the masters are generating the same zone data for the
same serial numbers.

Easier to have one primary master which can be replaced quickly.

Tony.
-- 
f.anthony.n.finch  <dot@dotat.at>  http://dotat.at/  -  I xn--zr8h punycode
Fair Isle, Faeroes: Northwest 7 to severe gale 9, occasionally storm 10. Very
rough or high. Squally wintry showers. Good, occasionally poor.
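
The coherence problem described in the message above, as an added example that is not part of the original post: a check that fingerprints zone dumps from several masters and reports any serial served with differing content. The zone name, master names, and signature blobs are constructed placeholders, and the dumps are assumed to be in "owner TTL class type rdata" form, one record per line.

```python
import hashlib
from collections import defaultdict

# Constructed sample data: masters a and b sign the same records independently,
# so they publish different RRSIGs under the same SOA serial.
UNSIGNED = """\
example.test. 3600 IN SOA ns1.example.test. hostmaster.example.test. 2017112301 7200 900 1209600 3600
example.test. 3600 IN NS ns1.example.test.
www.example.test. 300 IN A 192.0.2.10
"""
SIG = "www.example.test. 300 IN RRSIG A 13 3 300 20171223000000 20171123000000 12345 example.test. "
SIG_A = SIG + "c2lnLWZyb20tbWFzdGVyLWE=\n"   # placeholder signature
SIG_B = SIG + "c2lnLWZyb20tbWFzdGVyLWI=\n"   # placeholder signature
DUMPS = {
    "master-a": UNSIGNED + SIG_A,
    "master-b": UNSIGNED + SIG_B,
    "master-c": UNSIGNED.replace("2017112301", "2017112302") + SIG_A,
}

def fingerprint(zone_text):
    """Return (SOA serial, SHA-256 of the sorted, normalized records)."""
    records, serial = [], None
    for line in zone_text.splitlines():
        if not line.strip() or line.lstrip().startswith(";"):
            continue                      # skip blank lines and comments
        owner, ttl, rclass, rtype, *rdata = line.split()
        if rtype.upper() == "SOA":
            serial = int(rdata[2])        # rdata is MNAME RNAME SERIAL ...
        # Owner names are case-insensitive; rdata such as base64 signatures is not.
        records.append(" ".join([owner.lower(), ttl, rclass.upper(), rtype.upper(), *rdata]))
    if serial is None:
        raise ValueError("no SOA record in zone dump")
    return serial, hashlib.sha256("\n".join(sorted(records)).encode()).hexdigest()

def incoherent_serials(dumps):
    """Map each serial served with more than one distinct content to the
    groups of masters that agree with each other."""
    by_serial = defaultdict(lambda: defaultdict(list))
    for master, text in dumps.items():
        serial, digest = fingerprint(text)
        by_serial[serial][digest].append(master)
    return {s: sorted(sorted(m) for m in d.values())
            for s, d in by_serial.items() if len(d) > 1}

if __name__ == "__main__":
    print(incoherent_serials(DUMPS))
```

A master that is merely ahead or behind (master-c here) is not reported; only differing content under one serial is.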