Lame Delegation Policy within the Region Covered by LACNIC

Justification

One of LACNIC's interests is to contribute to the correct operation of Internet within the region. One of the aspects that must be considered is the correct delegation of inverse resolution DNS servers for IP address blocks allocated within the region covered by LACNIC. Currently there is no policy to assist in the correct delegation of DNS servers and avoid the appearance of servers considered "lame" that have a direct effect on global Internet stability.

Lame Delegation Discussion Results

A DNS server is considered to have a lame delegation problem when this server appears registered in the regions for inverse resolution of IP address blocks and at the time of applying for a resolution this server does not respond authoritatively. The non authoritative answer of the DNS server is interpreted as a server configuration error and, according to LACNIC's standards, this DNS server shall be considered as having lame delegation problems.

The process for correction lame delegations within the IP address space administered by LACNIC follows the following stages:

1. DETECTING LAME DELEGATIONS
2. MONITORING DNS SERVERS WITH LAME DELEGATION PROBLEMS
3. NOTIFYING THE RESPONSIBLE PARTY
4. DEACTIVATING DNS SERVERS
5. DNS SERVER ACTIVATION

Detecting LAME Delegations

LACNIC shall periodically revise in-addr.arpa zone where there are DNS servers registered for inverse resolution of administered blocks allocated within the region covered by LACNIC.

A DNS server registered in LACNIC's system shall be considered to have Lame Delegation problems if a query of the SOA record of the DNS server does not provide an authoritative answer for said record.

The reviewing will be done for each in-addr.arpa zone delegated to each DNS server.

If there is no authoritative answer, the DNS server shall be catalogued as having Lame Delegation problems for the in-addr.arpa zone reviewed and therefore it will enter in a monitoring process.

Monitoring DNS Servers with LAME Delegation Problems

Prior to establishing that a DNS server has permanent Lame Delegation problems for in-addr.arpa zone, LACNIC shall monitor the DNS server for a period of seven days. If after this period the problems still persist, LACNIC shall notify those responsible for the IP address block.

If a DNS server that was originally detected as having Lame Delegation problems responds correctly for the in-addr.arpa zone before the phase of deactivating DNS server, the server shall be removed from the monitoring list for the correspondent zones.

Notifying the Responsible party

Firstly, the administrative contact of the affected block shall be notified, together with the technical contact if this information has been provided. Notifications shall be sent out every fifteen days over a period of sixty days. LACNIC reserves the right to investigate other types of contacts if during the first thirty days no answer is received from the administrative and/or technical contacts.

Deactivating DNS Servers

Once the notification period defined above has ended, these servers shall be eliminated from LACNIC zones.

Only those in-addr.arpa zones where the DNS server has Lame Delegation problems will be affected by eliminating the register of the DNS server. Others DNS servers giving services for those zones will not be affected.

A comment shall be added to the block registry on the WHOIS database specifying that the DNS server registered for the inverse resolution for the in-addr.arpa zones for this block was deactivated due to Lame Delegation problems.

DNS Server Activation

DNS server activation shall follow the usual procedures already included in LACNIC's policy. Only the block's administrative or technical contact shall be able to activate new DNS servers through LACNIC's registration system. Any new DNS server registered at LACNIC must respond authoritatively to the block at the moment it is activated, otherwise server registration shall be rejected.