Background
Usually domain registration and maintenance systems are separated from Domain Name System (DNS is resolving queries send by Internet users, translating domians into IP addresses). Normally there is no "direct" connection between registration system and live DNS. Those two "worlds" are connecting when the registry system is exporting* zone file(s) and the zone file is uploaded into primary DNS server (and than distributed to the secondary Name Servers).
German accident is similar to the case from Spain (in 2006 the empty zone file has been uploaded) and Sweden (in 2009 incorrect DNSSEC-signed zone file has been uploaded). Unfortunately in both mentioned situations this critical part of the process has not been secured by automatic checks verifying the newly generated zone file.
Solution
To avoid such incidents, automatic verification mechanism(s) can be used to check the differences between the new generated zone file and the previous one (the last correct zone file). If the number of changes is higher than usual, it indicates that some errors are quite likely to happen and the process should be terminated. It's the common practice in many different industry sectors, to check if the changes in the computer databases, physical storage, resources or energy consumption etc. are not deviated from what is expected from statistical estimations. The idea behind such statistical checks is to eliminate major errors using automatic verification systems. Of course such (statistical) methods don't eliminate minor problems, requiring more sophisticated control solutions to be implemented.
Polish Media
German blackout has been widely discussed in German and International media. In Poland, the full coverage of this situation has been provided by:
Explanations
*There is also another solution for updating zone files called "dynamic updates", allowing small portions of domains to up updated more frequently than zone files reloads. German registry is not using this method to update DNS.
0 komentarze:
Post a Comment