From owner-freebsd-hubs@FreeBSD.ORG Wed Jun 25 00:17:08 2003 Return-Path: Delivered-To: freebsd-hubs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BF6E437B401 for ; Wed, 25 Jun 2003 00:17:08 -0700 (PDT) Received: from electra.cse.Buffalo.EDU (electra.cse.Buffalo.EDU [128.205.32.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id EC01443F3F for ; Wed, 25 Jun 2003 00:17:07 -0700 (PDT) (envelope-from kensmith@cse.Buffalo.EDU) Received: from electra.cse.Buffalo.EDU (kensmith@localhost [127.0.0.1]) h5P7H6br002459; Wed, 25 Jun 2003 03:17:06 -0400 (EDT) Received: (from kensmith@localhost) by electra.cse.Buffalo.EDU (8.12.9/8.12.9/Submit) id h5P7H543002458; Wed, 25 Jun 2003 03:17:05 -0400 (EDT) Date: Wed, 25 Jun 2003 03:17:05 -0400 From: Ken Smith To: Daniel Lang Message-ID: <20030625071704.GB1478@electra.cse.Buffalo.EDU> References: <20030624173337.GD11784@electra.cse.Buffalo.EDU> <7m7k7b564w.wl@black.imgsrc.co.jp> <20030625011941.GB26111@electra.cse.Buffalo.EDU> <20030625061059.GB3446@atrbg11.informatik.tu-muenchen.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030625061059.GB3446@atrbg11.informatik.tu-muenchen.de> User-Agent: Mutt/1.4.1i cc: freebsd-hubs@freebsd.org cc: Ken Smith Subject: Re: DRAFT - DNS Admin Guide X-BeenThere: freebsd-hubs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Distributions Hubs: mail sup ftp List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 25 Jun 2003 07:17:09 -0000 On Wed, Jun 25, 2003 at 08:10:59AM +0200, Daniel Lang wrote: > Hmmm, the not TLD-divided namespace is/should be part of > discussion anyway. I think there have already been some > suggestions to regorganise it (put the US mirrors under > us.freebsd.org, select most responsive set of worldwide > mirrors to populate ftpX.freebsd.org, etc). Cool. I've sorta felt the US-centric nature of the net should be adjusted whenever possible so us.freebsd.org is good IMO... But this does kind of circle back to dnsadm@ not necessarily being the best people to decide these issues, and that these sorts of decisions should be done by one person or a group of people who are more intimately involved in the mirror system (the Coordinators). > > Could you give some examples of the sorts of questions/email/whatever > > that you want the system we design to take care of? > [..] > > Handling delegation for country code subdomains. This is requested > every once in a while, and it's more crucial, because it can affect > many sites and many services. Not only an authorization mechanism > (like PGP) needs to be established, but also guidelines for > mirror/service operators of that zone how to select and authorize > their responsible zone admin, who can issue requests for changes > in the delegation (or ask for delegation in the first place, if > the subdomain does not exist, yet). The proposal's suggestion for that was to "internalize" it inside of dnsadm@ and they decide strictly based on the *DNS* mechanics of things. Are the DNS servers overloaded? Are there so many requests for that it would be convenient to have another set of hands doing the edits for that? Would we like to have another DNS server in but perhaps it is sufficient to make it a pure slave server and still keep master info on the main master site (thus nameservice queries in may flow better but updates still happen centrally). Creation of the country code based subdomains happen automatically and with no "special" authorization as a side-effect of the Mirror Coordinator (or whatever, that's the question Jun raised) saying there is a new mirror site in that country. I think this is one of those things that need to be evaluated on a cost/benefit basis. What is the benefit to allowing this sort of delegation to begin with? I'm not completely sure what the answer is to that - I'm sure I only have a partial picture of it. I have seen the cost though - it seems to confuse a lot of people and they're not sure where to ask for stuff. The current layout seems to be that a "Region" as much as possible is left to decide issues like how many FTP mirror sites to have, etc. on their own. That's a really good thing as long as the Regions are well defined, those Regions have a strong leadership within themselves, etc. But I'm not sure it's working. Working with an example at hand, we have a site in Croatia that has been given access to ftp-master and is ready to join in as ftp.il.freebsd.org. But il.freebsd.org doesn't exist. It needs to be handled centrally but who is that? The folks doing us.freebsd.org by default? Someone needs to realize that they are the coordinator for anything that doesn't have its own strong Regional leadership. Things fall through cracks. And, as the delegation changes, all of that becomes a moving target for the people who are trying to administer the WWW sites for example (now suddenly a new Region popped up so person X doesn't need to worry about requests from that region any more, it's person Y). And as you say, what happens if there is a LOT of interest in Croatia for FTP mirror service and they want to administer that locally but they have zero interest in CVSup? All of this is something you need to live with in a truly large organization. But is the DNS administration such a heavy load that it can't be handled by a relatively small number of people? I can't answer that, it's an open question. If it isn't a very heavy load "end-user frustration" can be avoided by a one-stop-shopping low overhead setup as I proposed. If it is a heavy load then what I proposed is inadequate. :-) -- Ken Smith - From there to here, from here to | kensmith@cse.buffalo.edu there, funny things are everywhere. | - Theodore Geisel |