On 7/19/20 8:42 AM, Ken Hohhof wrote:
> The idea seems to be that you are outsourcing your redundancy to a big
> company like Cloudflare or Amazon that can do it better than you could,
> or at least has more resources.
>
> A quick read of some of the discussion lists indicates that you can’t
> run Cloudflare DNS and something else for redundancy. I don’t
> understand the technical issues, but apparently that’s not how it
> works. There’s also supposedly the issue that Cloudflare is doing
> attack mitigation, and if you disclose the IP addresses of your other
> DNS servers, they will get attacked and won’t be able to survive a
> terabit flood of traffic.

Which is completely opposite of the historical best practice of using at
least two unrelated DNS providers so all of your nameservers don't share
the same fate when a provider has an outage.
--
AF mailing list
AF@af.afmug.com
http://af.afmug.com/mailman/listinfo/af_af.afmug.com