|
Thread Index [isp-dns] Re: US Department of Homeland Security - broken DNS for www.dhs.gov
On Tue, Jan 28, 2003 at 06:38:50AM -0600, Pete Ehlke wrote: | On Tue, Jan 28, 2003 at 03:37:10AM -0600, Phil Howard wrote: | > www.dhs.gov. 900 IN CNAME www.dhs.gov.edgesuite.net. | > www.dhs.gov.edgesuite.net. 21600 IN CNAME a830.g.akamai.net. | > a830.g.akamai.net. 20 IN A 199.232.159.232 | > a830.g.akamai.net. 20 IN A 199.232.159.231 | > | > Two CNAMEs. Hmm. Not good. | | Standard akamai edgesuite DNS setup. This is akamai's decision, not | DHS's. That doesn't excuse DHS for allowing it. But it would give them a time frame to get it corrected. | > Also, the reverse DNS is: | > | > 199.232.159.231 = a199-232-159-231.deploy.akamaitechnologies.net | > 199.232.159.232 = a199-232-159-232.deploy.akamaitechnologies.net | > | > And those don't match in forward (not that this breaks things, but | > it does show me more things they can't get right). | | Ditto. | | DHS didn't get anything wrong here, unless you consider having purchased | akamai edgesuite "wrong". Having purchased services that are wrong doesn't make one innocent. | > BTW, when their webmaster@... and postmaster@dhs.gov mailboxes | > bounced, I used their web feedback form. That form script sends | > email with MY email as the return address, to feedback@... | > which also bounced, and I got the bounce. | > | Now that *is* broken. And who's fault is it? Would you be willing to say that DHS continues to be innocent because they purchased it from someone else without proper dilligence in acuqiring the services? | > I know I could have had all that set up right in less than a day. | > I just wonder how many weeks it will take for the government and | > its contractors to get it right. | > | Feel free to propose to Akamai's architects how you would redisign their | service in less than a day. I'm sure they'll be glad to have the | feedback. Feedback has been sent to them about past issues. It bounced. But it's not my place to point out errors on the part of Akamai to Akamai. I'm not the one with a contract with Akamai. My issue will be with DHS. Unless our government can properly vet the services it buys, how the hell can we trust they will carry out their duties properly? And DHS is one that needs to be especiall "right" about everything. And this is giving me negative confidence in government. If Akamai wants to do things stupidly, that's their business. When it comes to what my taxpayer dollars pay for, and the security I am expecting from a government department that is supposed to provide that, these bad decisions give me cause to worry. Since DHS is a new agency, and it appears TSA is handling things for them at the moment, I'm willing to give them time to get it corrected. But the time has passed for allowing mistakes to persist. -- ----------------------------------------------------------------- | Phil Howard - KA9WGN | Dallas | http://linuxhomepage.com/ | | phil-nospam@ipal.net | Texas, USA | http://ka9wgn.ham.org/ | -----------------------------------------------------------------
Thread Index |
|
