> On 14 Jan 2025, at 09:59, Anand Buddhdev <ana...@ripe.net> wrote:
> 
> Dear colleagues, 
> 
> On Wednesday 15 January, we'll be moving on to the final phase of removing 
> our secondary DNS service for LIRs (ns.ripe.net) and updating all associated 
> objects in the RIPE Database. This update will remove the "nserver: 
> ns.ripe.net" attribute from them.
> 
> I am happy to report that 93% of the zones have been updated and stopped 
> using ns.ripe.net as a secondary name server. The remaining zones that have 
> not been updated will not be affected because they will have at least one 
> working name server after this update. Therefore, we do not expect the DNS 
> resolution of these zones to fail.


Hi Anand,

After you remove the nserver entry in WHOIS, will you do a bit of dumping of at 
least the domains that are still attempted to be resolved through ns.ripe.net 
<http://ns.ripe.net/> to have a small overview of the amount of domains and 
amount of queries that are still flowing there.

Before shutting down / removing the label of ns.ripe.net <http://ns.ripe.net/> 
another experiment that one could do is to change the IP of ns.ripe.net 
<http://ns.ripe.net/> to a distinct one, one then either should see queries 
follow to that new IP (thus them having a NS of ns.ripe.net 
<http://ns.ripe.net/>) or staying on the old IP (thus them using a different 
name in the NS).

Noting that the group that is using the IP 'directly' (or well, outside of the 
ns.ripe.net <http://ns.ripe.net/> name) will cause those queries to keep on 
going to your IP, and when you shutdown that IP it will just mean ICMP traffic 
and retries...

For the ones using ns.ripe.net <http://ns.ripe.net/>, they will keep on trying 
to resolve ns.ripe.net <http://ns.ripe.net/> but at least if you put a long TTL 
on the NXDOMAIN it should be decently cached and thus not impact your infra too 
much.


Also, as there are contacts in the WHOIS entry, and you did an effort to 
contact the owners, can you state what the response rate was, also how many of 
the contacts bounced? Were they focussed on a few LIRs or spread out, old 
records or any other insights. Could be a good way to see how 'correct' the 
data in WHOIS actually is...



Nevertheless good luck! (especially in the hope that the remaining query rate 
is low and no incidents too of course :) )


Regards,
 Jeroen

-----
To unsubscribe from this mailing list or change your subscription options, 
please visit: https://mailman.ripe.net/mailman3/lists/dns-wg.ripe.net/
As we have migrated to Mailman 3, you will need to create an account with the 
email matching your subscription before you can change your settings. 
More details at: https://www.ripe.net/membership/mail/mailman-3-migration/

Reply via email to