This page is for capturing the unique flavor and needs of different customer bases for BIND 10

(see warning in UiDes)

Group descriptions


Registries are organizations who handle the "delegation zones" that have many (thousands to millions) of glue pointers to child zones. Common examples are the GTLDs like .com, .org and CCTLDs like .jp, .cn or .se. It is often the case that there are registrars who allow end users to register individual child zones and pass that data to the correct registry. Registries almost always have significant automation systems that create the DNS data that the BIND 10 server needs to serve. They also have the internal needs of a medium institution, but with a much higher level of DNS understanding and tool support. A special case of the registries are the root operators. The advent of anycast roots create a new subtlety in managing DNS services.


Registrars are agents, often commercial, who manage the registration of zones with the registries. These are highly automated systems with few special needs for DNS service beyond web company. The registrar may also act as a hosting service in various forms. It is unclear that this group has demands different from other classes of users.


ISPs have several areas with specific DNS demands. Thy often have large address spaces that they need to run reverse lookup zones for, combined with DHCP address delivery. They have large numbers of devices like routers that have many interfaces, etc. They often have hosting and web company aspects as well. The ISP systems tend to be very automated, but unlike a registry where the automation is mostly for DNS, the ISPs automation is for provisioning, O&M and billing, with DNS being a small piece of the picture. They also need to run large recursive DNS infrastructures for their customers.

Hosting services::

Hosting services have some unique DNS aspects to them. Theses services can be application hosting services, classic computer hosting services or cloud computing and storage services. The unique aspect of these organizations is the dynamic nature of their business and DNS. Besides the usual churn of customers and equipment, the customers are often moved across different pieces of equipment as demands of each customer, the overall customer base change and the infrastructure status change. This requires a level of change in the DNS that is not common elsewhere. They also have moderate recursive server requirements.

Large institutions::

Large institutions have a different perspective on computers, networks and DNS. These are critical resources to get their job done. They have larger security concerns than the network infrastructure that DNS is a part of. The automation of the DNS can span the gamut from hand edited files to complex tools. There are significant IT departments that have varying levels of understanding and experience with DNS.

Large corporations::

For corporate DNS users, everything is driven by business needs and business processes. DNS is not just about looking up machine names, it is also about branding. This can drive unusual practices and configurations. One example is the company that locks down all IT changes for 4 months a year to keep things stable during their "busy season." Security is such that almost all companies will have a firewall between the internal network and the internet. Some companies have technically strong IT departments and others far less so. An interesting part of some of these groups is that significant DNS changes or issues comes sufficiently infrequently that the ease of working with the concepts and tools gets stale.


The technology skill of a university IT group is generally higher than the average corporation. They will often have rush times at the beginning of the school year. They appear to have less security issues than a corporation, but it can turn out to be as or more challenging. The organization of the schools fits the hierarchical nature of DNS quite well, unlike other organizations who prefer to have a much flatter name space.


Government agencies are often dealing with resource limits with IT staffing that can leave infrastructures such as DNS with less staffing than would be found elsewhere. This can also be coupled with odd organizational structures that reflect rules and history more than efficient operation. They have the scale and complexity of other large organizations. Their security issues are high, with both true security and embarrassment events to deal with.

Web companies::

While web companies can be of any size, I added all of them to this area because DNS is critical to their company. The cost of down infrastructure can be measured in dollars (or other currency) per minute. This means that all infrastructure is designed to maximize revenue and management systems need to be designed to avoid mistakes. These include human systems as well as computer systems.

Small/medium companies::

This is one of those catch-all categories. There is a wide spread of sizes, needs and skills involved. One common feature of all these is that they often separate the internal net from the internet with a firewall, which makes outsourcing of DNS very hard. These groups will try to depend on vendor solutions when possible, only running other software when the need becomes pressing.

End users::

This is the ultimate catch-all for everyone else. Most of these folks will depend on someone else for any DNS needs that they have. Others will decide they want to use available software and try it themselves, with varying degrees of success.


This group are the people who produce systems with BIND as part of the offering. There is the part about including the software (which is out of scope) and the part about how their users will use the BIND software. For now, this group will be considered a proxy for their users and can act as a unifying voice for user needs.

Last modified 8 years ago Last modified on Oct 19, 2010, 5:22:25 PM