Version: 1.4
Status: 01/09/2001 - Supported by the IISG 02/16/01
Contact: Brendan L. Hogan

Many colleges have requested a modification to the VCCS DNS system. The issues fall under two categories.

1. Fault tolerance against Network Virginia outages is currently not provided at local colleges. If NS1 and NS2 are unavailable for any reason, a college loses DNS.
2. Direct control over DNS college subdomain. Some colleges would like to be able to make immediate changes to their subdomain. This includes the ability to change the TTL for entries.
3. Many colleges would prefer to leave their DNS management with the VCC Utility with no change in the existing model for their subdomain.

SCOPE

This guideline defines additional options a college may choose to incorporate DNS at the local college.

This guideline covers all operating units of the VCCS.

1. Allow a college to implement secondary DNS server(s) at their location obtaining a zone transfer from one of the Primary DNS servers. This is beneficial in the following ways.

1. Additional redundancy to existing model. If NS1 and NS2 are unavailable a college loses DNS. With a secondary server on site, DNS service will still be available locally through their local secondary server.
2. Faster Access/ reduced bandwidth usage - utilizing a local secondary server will reduce Network Virginia bandwidth used for DNS requests. Requests for local DNS entries can be kept off the WAN completely.
3. Load on Primary Name Servers will be reduced. Not a requirement but is an added benefit of implementing this change.

                Note: This choice does not change any zone of authority.

2.  Allow a college to setup a primary and secondary DNS server at the college and move the zone of authority for that subdomain to the college.

1. Provides the benefits of the above choice.
2. Gives the college immediate full control over their own DNS entries.
3. Some colleges would prefer to control the zone of authority for their subdomain to make maintenance and upgrades of equipment easier with less potential down time. It also provides them with the ability to immediately change DNS entries.

4. In keeping with general DNS standards, a college must implement a primary and secondary DNS server at the college for fault tolerance if they want to control the zone of authority for their subdomain.

For any college that implements one of the above options:

1. It is understood that the college will fully support their own DNS server on their own.

2. DNS is an integral part of our infrastructure so a college should be required to send a minimum of one employee to DNS training classes at the colleges expense (for the appropriate O/S) before implementing the above options.

3. The college will need to have at least one trained employee on staff at all times and keep the VCC Utility NOC informed with emergency contact information for that person.

4. Colleges must submit a formal letter addressed to the Executive Director, VCC Utility stating they accept the associated responsibility. The letter must address requirements 1- 3 as listed above.