[BALUG-Admin] [sf-lug] [DO NOT REPLY ALL! ...] reduced DNS redundancy: balug.org/sf-lug.org/sf-lug.com: Fwd: ns1.linuxmafia.com downtime
Thu Oct 25 17:03:05 PDT 2018
Quoting Michael Paoli (Michael.Paoli@cal.berkeley.edu):
> Impacts should mostly be pretty minimal
Yay for DNS secondaries. (My domains have _four_ secondaries with
diverse locations, server software, and management, in addition to
Yay for SMTP robustness. Downtime was about 2 days and 7 hours;
SMTP retries are supposed to continue at least 4-5 days according to
RFC 5321 section 184.108.40.206. So, I don't expect _any_ mail en-route to
linuxmafia.com to fail, unless the sending MTA is extremely
It should be noted that the second robustness (SMTP retries) really
works only if the first one also does (authoritative DNS fallback).
Which is why, as a domain operator, one wants to have diverse
secondaries and set DNS timeout values carefully.
Let's see how long the secondaries' zones would have continued to
be valid if ns1.linuxmafia.com had remained offline (and I didn't
otherwise fix the situation):
$ more linuxmafia.com.zone
;called as ORIGIN linuxmafia.com.
@ IN SOA ns1.linuxmafia.com.
2018101400 ; serial
7200 ; refresh 2 hours
3600 ; retry 1 hour
2419200 ; expire 28 days
900 ; negative TTL 15 mins
So, the DNS secondaries would have had me covered for almost a month
(but SMTP mail would have started bouncing in a couple of days).
More information about the BALUG-Admin