[dns-operations] FreeBSD and the slaving of the root zone
dwmalone at maths.tcd.ie
Thu Aug 2 13:46:14 UTC 2007
> BIND and some other caching resolvers generally only use the root hints
> for "priming" (or, perhaps, more accurately, they use the root hints
> only until priming is complete). With priming, you only actually need
> to have one of the 13 IP addresses correct in the hints file. After (at
> most) 12 priming attempts, the resolver will get the current set of root
> servers and be on its merry way.
> So, in this sense, the root hints method is significantly more robust
> than slaving the root.
Surely the same would be true of BIND listing 13 master IPs for the
root zone? If one works, then the resolver will still get its zone
transfer and everything continues to work (unless that server is
unavailable for longer than the expire time, in which case the hints
case would be pretty busted too).
I understand that it will continue to be limited to getting transfers
from one server, but if you think that is actually likely to be a
serious operational problem, then a BIND zone type that gets a NS
list first and then does an AXFR from one of them could be devised.