On 21/11/2017 17:30, Reindl Harald wrote: > because of https://www.iana.org/help/nameserver-requirements and he > should not have allowed this setup at all because "Minimum number of > name servers - There must be at least two NS records listed in a > delegation, and the hosts must not resolve to the same IP address" > > and the next paragraph makes it clear that even a second machine in the > same subnet is not enough for obvious reasons > > Network diversity > The name servers must be in at least two topologically separate > networks. A network is defined as an origin autonomous system in the BGP > routing table. The requirement is assessed through inspection of views > of the BGP routing table
Those requirements are the ones that apply to delegations in the root zone. As it is, the topology test is broken because it doesn't account for an Anycast configuration where multiple sites share the same origin ASN even though they're connected via completely different AS paths. Ray _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
