. No issue
there.
What people were complaining about is that some zones that have been delegated to other
name servers
do not allow AXFR. E.g. Fredric Moses - W8FSM has been explaining here that he won't
allow AXFR
on his zones.
Now why one would not allow AXFR on a reverse zone to someone in net44 is completely
unclear to me.
It is easy to work around, after all. Probably they based their policy on considerations
about a forward zone, and about allowing transfer to everybody.
Rob
On 2024-04-25 00:02, Jeff Parrish-Personal via 44net wrote:
Good evening, everyone,
I have been passively watching this heated discussion. I usually wouldn't jump in on
it, but I have some input.
1.
We are HAMS, and one of our goals is to better the hobby for everyone.
2.
I think finding a way to have multiple recursive DNS geographically disbursed is a
good idea.
3.
We must remember that any DNS we get from ARDC, whether
ampr.org or
ardc.net, is
still technically an ARDC ZONE, and they have the right to choose whether they will allow
AXFR.
4.
While you need to have a DNS entry created in the ARCH Portal for IPIP to work, if
you have your own domain name, you can still use that. I own
kb9gxk.net and will publish
it under my domain for anything I wish to allow others to access. I chose Cloudflare for
this as I can use their CloudflareD option to allow public access via my IP but keep the
actual HAM traffic going through my IPIP tunnel.
5.
There are no RFCs stating that a DNS server MUST allow for AXFR. That easily allows
for DNS poisoning. I'm hoping that ARDC's DNS servers are using DNSSEC to help
prevent this.
6.
Lynwood, if you have a server in a Data Center, why would you not work with them to
get a BGP connection instead of using IPIP? I'm not saying you have to; I'm just
curious.
7.
The new portal has given us much more access than the old one, and there are bound to
be bugs and delays as many more requests are being processed. I'm still having an
issue with my DNS stuff, but I am patiently waiting. In my case, my IPs were previously
assigned, and my "DNS Name" was created in the wrong domain, so when I had asked
for the previous assignments to be removed, I couldn't create the proper entries for
my IPs to work correctly. Again, I know they are backed up with tickets, and I will wait
patiently.
This whole discussion could have been handled differently. This could have started as a
proposal of ideas and asking for implementation.
As a side note, when I get passionate about something I believe and decide to write an
email, I use Grammarly to a) make sure my grammar is correct and b) check the tone of the
email. I have learned that my passion can be very off-putting, so I have found a way to
say what I need to, but it is not demeaning.
73,
Jeff Parrish - KB9GXK