Because someone "knows better".... Those who don't learn from history....

On 7/19/20 10:18 AM, Seth Mattinen wrote:
> On 7/19/20 8:42 AM, Ken Hohhof wrote:
>> The idea seems to be that you are outsourcing your redundancy to a
>> big company like Cloudflare or Amazon that can do it better than you
>> could, or at least has more resources.
>>
>> A quick read of some of the discussion lists indicates that you can’t
>> run Cloudflare DNS and something else for redundancy. I don’t
>> understand the technical issues, but apparently that’s not how it
>> works. There’s also supposedly the issue that Cloudflare is doing
>> attack mitigation, and if you disclose the IP addresses of your other
>> DNS servers, they will get attacked and won’t be able to survive a
>> terabit flood of traffic.
>
> Which is completely opposite of the historical best practice of using
> at least two unrelated DNS providers so all of your nameservers don't
> share the same fate when a provider has an outage.

--
AF mailing list
AF@af.afmug.com
http://af.afmug.com/mailman/listinfo/af_af.afmug.com