6. LAME DELEGATION POLICY
Important notes:
The PDF document hosted on this page is the authoritative version of the Policy Manual. The web version is provided to make it easier for readers to quickly browse the different sections of the Manual.
In the event of a conflict between the web version and the pdf version of the Manual, the pdf version shall control.
This document and/or information was originally written in Spanish, the official language of Uruguay, the country where LACNIC is legally incorporated and whose laws and regulations LACNIC must meet. Likewise, unofficial information and/or documents are also written in Spanish, as this is the language in which most of LACNIC's collaborators and officers work and communicate. We do our best to ensure that our translations are reliable and serve as a guide for our non-Spanish-speaking members. However, discrepancies may exist between the translations and the original document and/or information written in Spanish. In this case, the original text written in Spanish will always prevail.
A DNS server is considered to have a lame delegation problem when this server appears registered in the zones for reverse resolution of IP address blocks but when the server is queried it does not respond authoritatively.
The DNS server’s non-authoritative response is interpreted as a server configuration error and, in accordance with LACNIC's standards, this DNS server shall be considered as having lame delegation problems.
The process for correcting lame delegations within the IP address space administered by LACNIC follows the following phases:
- Detecting lame delegations.
- Monitoring DNS servers with lame delegation problems.
- Notifying the responsible parties.
- Deactivating DNS servers.
- Activating new DNS servers.
6.1.Detecting Lame Delegations
LACNIC shall periodically revise in-addr.arpa and ip6.arpa zones where there are DNS servers registered for reverse resolution within the region covered by LACNIC. Only those segments delegated directly by LACNIC shall be considered in DNS server monitoring and deactivation processes.
A DNS server registered in LACNIC's system shall be considered to have lame delegation problems if a query of the SOA record of the DNS server does not provide an authoritative answer for said record.
The verification will be performed for each in-addr.arpa and ip6.arpa zone delegated to each DNS server.
If there is no authoritative answer, the DNS server shall be catalogued as having lame delegation problems for the in-addr.arpa and ip6.arpa zone reviewed and therefore it will enter a monitoring process.
6.2.Monitoring DNS Servers with Lame Delegation Problems
Prior to establishing that a DNS server has permanent lame delegation problems for an in-addr.arpa or ip6.arpa zone, LACNIC shall monitor the DNS server for a period of seven days. If after this period the problems still persist, LACNIC shall notify those responsible for the IP address block.
If a DNS server that was originally detected as having lame delegation problems responds correctly for the in-addr.arpa or ip6.arpa zone before the DNS server deactivation phase, the server shall be removed from the monitoring list corresponding to these zones.
6.3.Notifying the Responsible Parties
Firstly, the administrative contact of the affected block shall be notified, together with the technical contact if this information is available. Notifications shall be sent out every fifteen days over a period of sixty days. LACNIC reserves the right to investigate other types of contacts if during the first thirty days no answer is received from the administrative and/or technical contacts.
6.4.Deactivating DNS Servers
Once the notification period defined above has ended, these servers shall be eliminated from LACNIC zones.
The DNS server will only be deactivated in those in-addr.arpa or ip6.arpa zones where it exhibited lame delegation problems. Other DNS servers providing services for those zones will not be affected.
A comment shall be added to the block’s record in the WHOIS database specifying that the DNS server registered for reverse resolution of the in-addr.arpa or ip6.arpa zones corresponding to the segment was deactivated due to lame delegation problems.
Only those segments delegated directly by LACNIC shall be considered in DNS server monitoring and deactivation processes.
6.5.Activating New DNS Servers
DNS server activation shall follow the usual procedures already set forth in LACNIC's policy. Only the block's administrative or technical contact shall be able to activate new DNS servers through LACNIC's registration system. Any new DNS server registered at LACNIC must respond authoritatively to the block at the moment it is activated, otherwise server registration shall be rejected.