Hi, On Wed, Sep 05, 2012 at 01:19:19PM +0200, Shane Kerr wrote:
On Wednesday, 2012-08-29 12:21:35 +0200, Gert Doering <gert@space.net> wrote:
due to the way RPSL-authentication and DNS tree'ing work, this is not easy to do in a non-hierarchical structure, so "having this done by the RIPE NCC" makes sense from a technical point of view.
While it is true that DNS is hierarchical, there is no particular reason that the RIPE NCC or any RIR has to be the one managing the reverse DNS.
True. One the things that speaks in favour of having the RIR do so is "they have the authentication machinery in place". Someone else tasked to run reverse DNS for 194/8 would have to basically copy the RIPE database to be able to judge who is permitted to make changes to "their" DNS delegations ("their" being defined by *RIR* delegation data)... Not that it can't be done, but I don't see any benefit in doing so, unless the service provided by the RIRs degrades to the point where someone else can do better for less cost.
OTOH, I can see that the NCC wants to see some money in exchange for the expenses running all this (and that seems to make sense as well :-) ).
If it's too costly, I assure you that there are several DNS companies that would be happy to take over the task.
So, how would you authenticate that I'm authorized or not to have a DNS delegation for 30.195.in-addr.arpa? Without help of the RIPE NCC? "Being able to run a DNS server" is not the difficult part here (though that seems to be surprisingly difficult in itself, occasionally). Gert Doering -- NetMaster -- have you enabled IPv6 on something today...? SpaceNet AG Vorstand: Sebastian v. Bomhard Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. Grundner-Culemann D-80807 Muenchen HRB: 136055 (AG Muenchen) Tel: +49 (89) 32356-444 USt-IdNr.: DE813185279