official Top Level Domains
DNS with TLD
Lesestoff zu Best practises
- bind9
- Load Balancing A-Records: https://bind9.readthedocs.io/en/v9_16_6/configuration.html#load-balancing
- Geo IP: https://kb.isc.org/docs/aa-01149
- highly-available-bind-dns-cluster-design-million-users : https://www.root101.net/highly-available-bind-dns-cluster-design-million-users/
- BCP16 document : https://www.rfc-editor.org/bcp/bcp16.txt
- Secure and HA DNS Infrastructure: https://insights.sei.cmu.edu/blog/six-best-practices-for-securing-a-robust-domain-name-system-dns-infrastructure/
- DNS Erklärung und Security Empfehlungen: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-81-2.pdf
- Absatz 7.2.7 -> hidden primary DNS server
- Serverfault 01 : https://serverfault.com/questions/17255/top-level-domain-domain-suffix-for-private-network
- DNS Konzept with Subzones: https://serverfault.com/a/17730
- Verweis auf AWS und GCP : https://serverfault.com/a/1041148
- ANSSI’s recommendations : https://news.gandi.net/en/2021/06/dns-server-management-how-gandi-helps-businesses-follow-anssis-recommendations/
- NS1:
- dns-failover-basic-concepts-and-limitations https://ns1.com/resources/dns-failover-basic-concepts-and-limitations
- Integration of Managed DNS Service as Load and DDoS Protection: https://ns1.com/resources/primary-dns-vs-secondary-dns-and-advanced-use-cases
- A DNS load balanced HA cluster with Bind9 and BalanceNG : https://load-balancer.inlab.net/examples/a-dns-load-balanced-ha-cluster-with-bind9-and-balanceng/
TLD vs interne IPs
* https://www.rfc-editor.org/rfc/rfc6762#appendix-G
* oTLD für Tests:
** https://www.rfc-editor.org/rfc/rfc2606#section-2
** https://datatracker.ietf.org/doc/html/rfc6761#section-6.2
* oTLD, die noch nicht offiziell freigegeben sind bereits intern nutzen: https://isc.sans.edu/forums/diary/Stop+Using+internal+Top+Level+Domain+Names/21095/
* DNS Schwachstellen: https://www.varonis.com/de/blog/was-dns-ist-wie-es-funktioniert-und-schwachstellen