OpenNIC‘s DNS services are offered by OpenNIC‘s users. All DNS servers operating under OpenNIC by its users must adhere to the following policy. OpenNIC would encourages its members who run an OpenNIC DNS server to partake in an active role in the operation and responsibility of running the server.
- Keeping abreast of DNS security issues and applying security updates as necessary.
- Becoming familiar with DNS structure and operation by referencing the official Internet Standards documents on DNS. Internet Standards are defined within documents entitled “Request for Comments” (RFC). Refer to the list of RFC references pertaining to the operation of DNS. – http://wiki.opennic.glue/HostmasteringWG
- Tier1 servers are required to be authoritative for each TLD OpenNIC operates.
- Performing timely maintenance of DNS information (Inverse File Updates).
All potential DNS server operators must meet the following criteria:
- Be a member of the dns-operations and dns-reports OpenNIC mailing list.
- Have introduced yourself to the OpenNIC membership via the mailing list.
- Have a static IP address.
- Maintain a stable up time.
All OpenNIC Domain Name Server Operators will:
- Provide and maintain adequate hardware in order to support the DNS server.
- Maintain physical security of the network and DNS server hardware.
- Maintain the highest level of security on the DNS server, including monitoring the system and applying security patches to the Operating System and server software on a timely basis as needed, unless directed otherwise by OpenNIC.
- Maintain up to-date zone information, including the servers hint file (if in use).
- Limit non-emergency outages to the OpenNIC “maintenance window” (Last week in every month).
- Provide, at least 1 business day advance warning to other operations personnel when conducting routine maintenance that may impact the operation of the server by posting notice of such to the mailing list (Email templates can be found here, firstname.lastname@example.org. In addition, all scheduled maintenance outages of the DNS should be coordinated to minimize the effects of those outages on regular OpenNIC DNS operations.