bert hubert

Based in Nootdorp




Likes on articles

About the author

Bert is one of the founders of PowerDNS and to this day helps develop the PowerDNS software

Links & Social


Published tags

• On RIPE NCC and the Cloud: Draft Principles, Requirements and Strategy Framework by Felipe Victolla Silveira

Hello! I've previously written some words on this subject, for example here: I applaud the thorough look RIPE is taking at things. But there is something I miss strongly. The goal in life is not to do everything yourself. A goal is resilience, which is discussed well. But a very important goal is also to maintain capabilities. It is entirely ok to get a lot or even "most" stuff somewhere else. But it is not ok if this comes at the loss of capabilities. Knowing how to run vital infrastructure is key. This ensues that RIPE is a credible cloud negotiator, for example. It also means that when things go wrong, people have hands on experience in fixing things. In addition, because RIPE is so core to the Internet, they do have to maintain a feel with how actual Internet platforms are being run, "down to the metal". It would not be good if RIPE only saw an AWS console and over the years started thinking that that console was the Internet. Actual routers, switches and servers are the Internet. Also at AWS by the way, it is not being run by unicorns. So in addition to the worthwhile considerations above, I'd suggest writing down that there will always be a certain set of services (beyond K-root) that are being run in house, even if this turns out to be more expensive in the long run. Retaining a core set of key services means that capabilities will not disappear over time, and that RIPE will continue to know, down to its bones, what it means to run an important bit of Internet. Additionally, it would be great if engineers would not have to fight for this continually. It should be broadly supported policy, and we should not have engineers having to justify their existence and capabilities. If someone wants to outsource a key bit of stuff that was chosen to be operated in house, the response should be: what outsourced service will we then insource again? As long as RIPE maintains a sufficient capability level, and continues to actually run key parts of the internet in a very hands on fashion, it is fine to use third parties as well where this makes sense. Bert

• Reply to Daniel on Introducing 'tdns': the Teachable Authoritative DNS Server by bert hubert

“I'm a bit confused. Bert Hubert, shareholder of Open-Xchange, the parent company of PowerDNS is fed up with PowerDNS behavior around EDNS workarounds removal. Why is this not solved within Open-Xchange?”

Hi Daniel - I think you may be confused about what I said, maybe because I did not explain it very well? The open source nameservers do EDNS correctly and will also try to work around other servers not supporting it correctly. The open source resolvers together have decided to stop working on such workarounds per February 2019. So this is not a problem we can solve internally - the rest of the world has to clean up its act.

Showing 2 comment(s)