Dear all,
We are proposing to retire the secondary DNS service by the end of 2024 and we're asking for your input and feedback on this proposal.
I agree with the proposal. I also agree with the recommendation to stop the service at a different time than the end of the year holidays. I saw there are 663 broken delegations. I understand most of these (if not all) are such that ns.ripe,net cannot download the zone from the master. I am wondering whether there are also cases when the master does not even have the ns.ripe.net configured as NS - I suspect there are. Anyway, in case of the broken delegations I would recommend to consider decommissioning them from the very beginning (1 July 2024). This means that ns.ripe.net (and other servers involved, e.g. transfer servers) would ignore these zones (i.e. these zones would be deleted from their configuration). This would free up some of the NCC resources. The difference would be that ns.ripe.net would answer with REFUSED instead of SERVFAIL. I would go even further, I would delete the delegation to ns.ripe.net from the parent zone (usually the /8 for IPv4) - this way there would be much less unanswerable traffic going to ns.ripe.net. I think it would be better to not touch the domain objects at this time, and process them together with the correct delegations. Best regards, Janos
Paul de Weerd Manager Global Information Infrastructure team RIPE NCC