Search RPD Archives
[rpd] Lame delegation in AFRINIC WHOIS database
froztbyte at froztbyte.net
Wed Oct 26 07:56:54 UTC 2016
On 26 Oct 2016, at 9:24, Amreesh Phokeer wrote:
> Dear Community,
> AFRINIC carried out an experiment on the WHOIS database and checked
> for lame delagations on our domain objects. Domain objects are used to
> register reverse delegation from our members to whom resources have
> been allocated or assigned. A domain object consists of two main
> parts: the reverse zone and a set of name servers.
> A name server is considered 'lame' if it is found to be either:
> - not responsive
> - not serving the intended zone
> - not authoritative
> At the time of the experiment, AFRINIC had 29894 'in-addr.arpa' domain
> objects with 72341 NS records and 196 'ip6.arpa' domain objects with
> 550 NS records.
> We studied each <domain, NS> tuple.
> In total, it was found that 45.5% of <domain, NS> records to be lame
> for IPv4 zones and 32% for IPv6 zones. The cause of lameness is due to
> unresponsive DNS servers (23.5%), name servers not serving the
> intended zone (75.5%) and non-authoritative NS (1%) for both v4 and
That’s a pretty large percentage.
> Lame delegations can negatively impact Internet performance for
> example through delayed DNS lookups or simply failed responses. It is
> therefore important to provide a clean reverse delegation database to
> improve the robustness of the DNS.
> Other RIRs have set stringent operational checks, that remind
> operators to fix their lame name servers, failing which, reverse
> delegations are simply removed. LACNIC has a lame delegation policy
> Questions to the community:
> 1. Should AFRINIC implement operational checks that are run
> periodically and members are informed about the status of their domain
> objects. After X reminders, if domain object still contain lame NS
> records, domain object are removed.
> 2. Should the AFRINIC community enforce lame delegation removal
> through a policy.
Both 1 and 2 seem like they’d be in the interests of getting more
reliable whois and reverse DNS present in the region.
As a side consideration, it might be worth releasing some (further?)
information as a guide for operators in the region, as it might be that
some of them struggle to set this up (thus leading to this lack).
 - I must admit that I haven’t gone through any of the AfriNIC
operator training myself, so I’m not certain if this is already
More information about the RPD