Date: Wed, 01 Aug 2007 07:07:27 -0400
From: Skip Ford
To: Randy Bush
Cc: FreeBSD Current, FreeBSD Stable
Subject: Re: default dns config change causing major poolpah
Message-id: <20070801110727.GC59008@menantico.com>
In-reply-to: <46B01D5E.6050004@psg.com>
References: <46B01D5E.6050004@psg.com>

Randy Bush wrote:
> the undiscussed and unannounced change to the default dns config to
> cause local transfer of the root and arpa zone files has raised major
> discussion in the dns operational community. (see the mailing list
> dns-operations@mail.oarc.isc.org).
>
> did i miss the discussion here?

No. There was none.

> i have spent some hours turning off the default bind and going custom on
> a dozen or so machines around the planet. i am not happy.
>
> what am i missing here?

I don't have an axe to grind. I don't run the default config on any of my 2 dozen name servers (not all of which run bind anyway) so I wasn't really affected by the change. However, I thought it was a really, really, terrible idea, and a rather rude act considering it relies on the charity of others to not break.

There is no requirement that FreeBSD users be permitted to slave the roots. Everyone who uses the default config can have their setups broken the day after installation. We never asked permission to use the resources of others in this way, and they're not required to allow us to do so. It's rude to assume they'll allow it, and it's risky to not receive permission beforehand to ensure slaving the roots will continue to work after RELEASE.

The original commit message for the change indicated it was done to bring us in line with "current best practices" but that commit message is the only place I have ever seen anyone say that slaving the roots is current best practice.

Again, I don't have an axe to grind and I really don't want to get in the middle of a personal attack. I don't think the world will explode, and in reality, there will probably be no problems at all, but if there aren't, it's because of pure luck not good planning or decision making. Microsoft makes much worse assumptions about the availability of the resources of others, but this is a Microsoft-ish decision, IMO. Just not a good plan.

-- 
Skip