APNIC Home APNIC Home
Info & FAQ |  Resource services |  Training |  Meetings |  Membership |  Documents |  Whois & Search |  Internet community

You're here:  Home  Mailing Lists sig-dns 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[sig-dns]Final call for comments: [prop-004-v001] - Final call forcomments: [prop-004-v001]

Dear colleagues

APNIC welcomes comments, questions, and suggestions on the following policy
proposal:


____________________

Final call for comments: [prop-004-v001]
"A proposal for sweeping lame DNS reverse delegations"
____________________

This is the final call for comments on policy proposal [prop-004-v001] "A
proposal for sweeping lame DNS reverse delegations".

This proposal was presented at APNIC 16 and the following consensus was
reached:

  "The SIG accepted by consensus the proposal for the APNIC
   Secretariat to commence an automated, structured cleanup
   of lame DNS delegations in the APNIC Whois database."

This proposal is now submitted to the sig-dns mailing list for an eight week
discussion period. At the end of that period, if consensus appears to have
been achieved, the Chair of the Database SIG will ask the Executive Council
to endorse the proposal for implementation.

*   Send all comments and questions to:   <sig-dns@apnic.net>
*   Deadline for comments:                20 November 2003



____________________

Proposal details
____________________

It is proposed that APNIC should adopt procedures to repair or remove
persistently lame DNS delegations. The details of the proposed procedures
are as follows:

* Step 1 - Identify potential lameness

  - APNIC currently runs regular administrative tests on DNS
    delegations, for statistical purposes. It is proposed to
    extend the scope of these tests by specifically identifying
    potentially lame DNS delegations.


* Step 2 - Test the DNS reverse delegation (15 day test period)

  - When a DNS delegation is identified as potentially lame, a
    "lame DNS timer" will start.

  - While the timer is running, the delegation will be regularly
    tested for lameness. The testing will be performed from at
    least two geographically separate locations.

  - If the DNS delegation successfully resolves DNS during the
    testing period, then the timer will be reset. This allows
    for temporary problems to be fixed before any action is
    required from APNIC.

  - If the timer runs for 15 days without being reset, then the
    DNS delegation will be considered as persistently lame.


* Step 3 - Attempt to notify the domain holder (45 day notice period)

  - Once a DNS delegation is considered persistently lame, the
    45 day notice period will start.

  - APNIC will email each admin-c and tech-c registered in the
    domain to inform them of the problem in their delegation.
    If the problem is not fixed, this email will be repeated weekly.

  - If APNIC receives no reply from the emails, it will try to
    contact the domain holders using any other contact information
    available (such as phone, fax, or postal mail). APNIC may also
    seek contact through parent records in the database, upstream
    ISPs, and any other relevant contact details that may be available.


* Step 4 - Disable lame DNS delegation

  - If the DNS delegation is still lame at the end of the 45 day
    notice period, APNIC will insert a special marker in the remarks
    field of the relevant domain object. This marker will identify
    the DNS delegation as "administratively blocked" and will cause
    the delegation to be withdrawn.

  - The special marker may be removed by the domain holders at any
    time, using normal whois database procedures.

  - The special marker will contain text noting that APNIC is
    overriding the listed "nserver" records, timestamp information,
    and a URL to instructions for re-enabling the delegation.

  - While the delegation remains blocked, APNIC will send monthly
    email remainders to each admin-c and tech-c.


* Scope of proposed procedure

This procedure will apply to each nserver entry listed in domain objects.
Therefore, if all nserver entries in a particular domain object are disabled
for persistent lameness, the entire domain will be withdrawn from the DNS.
In these cases, reverse DNS lookup will terminate in the APNIC nameservers
with an NXDOMAIN response.


* Reporting

Because DNS lameness is globally visible, details of the current status of
all domains under test will be posted to the APNIC website.

At each APNIC Open Policy Meeting, the DNS SIG agenda will include a report
by the APNIC Secretariat on activities relating to DNS lameness.  Reports
will also be sent to the DNS SIG mailing list. The reports will include the
status of domain objects, the rate of administrative disabling and
re-enabling, and related activities.

The APNIC Secretariat may also make additional reports to other bodies, such
as IEPG and NANOG. 
      

____________________

References
____________________

Proposal details including full text of proposal, presentations, links to
relevant meeting minutes, and links to mailing list discussions are
available at:

    http://www.apnic.net/docs/policy/proposals/prop-004-v001.html



______________________________________________________________________
APNIC Secretariat                              <secretariat@apnic.net>
Asia Pacific Network Information Centre (APNIC)   Tel: +61-7-3858-3100
PO Box 2131 Milton, QLD 4064 Australia            Fax: +61-7-3858-3199
Level 1, 33 Park Road, Milton, QLD                http://www.apnic.net
______________________________________________________________________