[dns-operations] The (very) uneven distribution of DNS root servers on the Internet

Joe Abley jabley at hopcount.ca
Wed May 16 15:33:16 UTC 2012


On 2012-05-16, at 02:04, paul vixie wrote:

> On 5/15/2012 11:56 PM, David Conrad wrote:
>> ... In the context of this blog posting, I personally think having
>> folks (ISPs in particular) pre-fetch/mirror the root zone in their
>> caches is the right answer to pretty much any useful definition of
>> "fair and equitable" related to serving the root zone :-).
> 
> now that i've been reminded that the SOA timers are shorter than the
> update frequency and that no NOTIFY is required for up-to-date stealth
> slave service; and now that the root is signed, making it unlikely that
> stealth copies will be amended or that their namespaces will be
> overloaded with other stealth slaves... i agree with drc here. let's
> start encouraging widespread stealth slavery for the root zone.

I'm not convinced that this is a good idea.

Right now we have a root server system that is measurable, and that is operated by people who understand the implications of operational choices, and who are a small enough group that coordination and communication with other actors in the root zone management is practical.

Ad-hoc distribution of root zone operation to an unbounded set of operators would result in a system that was much more challenging to measure, that was operated by people whose focus was (properly) elsewhere, and with whom reliable communication was probably not possible.

I am generally in favour of decentralisation, but in this specific instance I can't see much benefit to offset the deficiencies.


Joe

