Your IP address is 54.226.227.175

Filters

Lame delegations in AFRINIC reverse DNS (v02)

Details
  • Ref. Name:
    AFPUB-2017-DNS-001-DRAFT-02
  • Submitted:
    22 November 2017
  • Versions: 2.0
  • Status:
    Last Call
  • Authors:
    - D. Shaw [daniel at afrinic.net]
    - A. Phokeer [amreesh at afrinic.net]
    - N. Goburdhan [nishal at pch.net]
    - J. Engelbrecht [jaco at jacoengelbrecht.eu]
  • Staff Assessment

1. The Problem Being Addressed by this Proposal

DNS ‘Lame’ Delegations

In the DNS, a lame delegation is a DNS misconfiguration error. If a given DNS nameserver is designated as an authoritative server for a domain name, but does not return authoritative data for that name when queried, this is considered a lame delegation.

This could be due to the nameserver not having authoritative data for the DNS zone, or simply not responding at all.

DNS misconfigurations such as this have an operational impact on the global DNS as they cause additional unnecessary queries compared to having no delegations at all. However, the end result to a DNS client is ultimately the same: No data is found.

Also see:

A large number of the reverse DNS delegations from the AFRINIC database are misconfigured in this way.

 

2. How this Proposal Addresses the Problem

2.1. Summary

The aim of this policy is to enable AFRINIC staff to remove lame delegation records from ‘domain’ objects in the AFRINIC database.

 

2.2. Scope of the Policy

This policy would only apply to .arpa domain objects found in the AFRINIC registry database. It excludes incoming minority resource records from other RIRs, and legacy resources.

 

3. Proposal

3.1. Policy Update

The following text will be added into the Consolidated Policy Manual:


10.7 Removal of ‘Lame’ Delegations

Once a given ‘nserver’ attribute has been determined to be lame for a given domain, and reasonable attempts have been made to contact the responsible person(s), the nserver attribute must then be removed from the given domain object. A ‘remarks’ line should be added to the domain object in the database recording this.

In the event all nameserver records are lame for a given delegation, the domain object would be removed in its entirety. Historical information about removed domain objects should be archived for a reasonable amount of time and made available as necessary.


3.2 Sample Implementation Guideline

A sample operational manual is available online as a suggested guideline to AFRINIC staff.

Please note that this is a sample by the authors for a suggested implementation, and not part of the policy. It does not necessarily reflect a final implementation by AFRINIC staff.

 

3.3 Similar Policies in Other Regions

 

4. Revision History

Date

Details

15 Mar 2017

Version 1.0
First Draft AFPUB-2017-DNS-001-DRAFT01

22 Nov 2017

Version 2.0
Second Draft AFPUB-2017-DNS-001-DRAFT02

A complete rewrite of the text to simplify and clarify. Neither the intent, nor the actions and results of the proposal have changed. The text is simply now confined to a brief problem statement and the desired end result.

  • Removed all text to do with background, terminology, explanations, impact of the problem, motivations and possible implementation details.
  • Trimmed down policy statement to make it simple and clear.

Discussions are taking place on the policy working group mailing list if you want to subscribe to the mailing send your subscription request to rpd-request [at] afrinic.net with 'Subscribe' as subject line


Mailing list archives can be found at https://lists.afrinic.net/pipermail/rpd