Search RPD Archives
[rpd] Lame delegation in AFRINIC WHOIS database
amreesh at afrinic.net
Thu Oct 27 08:53:43 UTC 2016
> On Oct 26, 2016, at 11:29 AM, Mark Elkins <mje at posix.co.za> wrote:
> On 26/10/2016 09:24, Amreesh Phokeer wrote:
>> Questions to the community:
>> 1. Should AFRINIC implement operational checks that are run periodically
>> and members are informed about the status of their domain objects.
> "After X reminders, if domain object still contain lame NS records, domain
> object are removed." is part of "2"
> years ago, when I started to run the CO.ZA domain name system, Mike
> Lawrie, the previous administrator, strongly suggested to me that you
> should not put something into the zone until it works. i.e. Start off
> with something that works.
> This was built into the CO.ZA DNS system - your Nameservers has to work
> at the time of delegation. Lots of people did not like this - but it was
> policy. This has relaxed a bit over time.
> When Nameservers are added to the AFRINIC "my.afrinic.net" web interface
> - one could run some checks there and then and provide user feedback.
> One could either refuse to accept the new/change operation immediately -
> or perhaps after a day (before people forget).
some of those checks can(should) be implemented on the MyAFRINIC/WHOIS
interface, it will help reduce fake entries.
75% of errors are due to non-responsive servers
• Response status is REFUSED or SERVFAIL
• No answer received from server i.e ANSWER: 0
What maybe happening is that at the moment of creation, the NS works well
but they are probably not maintained any further (possibly because they are
A further analysis would be what percentage of domain objects have at least
one working NS.
> A once-yearly check would perhaps be appropriate. If something is noted
> to be bad, check once a week/month and send warnings until its fixed (or
> perhaps automatically deleted).
> Currently - I have no idea if any of my Nameservers are Lame. That would
> be the first problem to "fix”.
> I think visual feedback should also be provided for DS records
> added/present in the system. Always do these tests when someone makes a
> change - and perhaps when ever someone logs into my.afrinic.
thanks for the suggestions
>> 2. Should the AFRINIC community enforce lame delegation removal through
>> a policy.
> Whether Policy or not - I'd support the eventual removal of nameservers
> found to be completely broken.
> Mark James ELKINS - Posix Systems - (South) Africa
> mje at posix.co.za Tel: +27.128070590 Cell: +27.826010496
> For fast, reliable, low cost Internet in ZA: https://ftth.posix.co.za
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1587 bytes
Desc: not available
More information about the RPD