[dns-operations] FreeBSD and the slaving of the root zone

Edward Lewis Ed.Lewis at neustar.biz
Tue Jul 31 16:13:50 UTC 2007

At 15:50 +0000 7/31/07, Paul Vixie wrote:

>it's not my turn.  does everybody else think this is a good idea?  start
>with the fact that root nameservers renumber from time to time, and go from

Let's start with the potential renumbering of the root servers.

If I am slaving the root zone (without being listed as authoritative) 
I can protect myself from one server renumbering by slaving off a 
list of the servers.   I think the DNS is robust enough to have one 
server move from time to time and have other servers deal with that.

Of course this technique is a tradeoff.  Instead of sending 
(frequent) periodic queries to the root and get a little bit of data 
each time, I ask it (seldom) periodically for everything it has and 
get a lot of stuff.  It's not like the root is a popular TLD.  There 
aren't many things in the root (now) and chances are that a recursive 
server will look up a good percentage of the entries over time.

An upside of having the root zone local is that the recursive server 
(assuming that's the function to cite) will not recurse to the root. 
Not for "good queries" and not for "bad queries."

A downside is that the slaved root zone won't get notifies of 
updates, so the polling for AXFR may either be "too frequent" and be 
a burden on the roots, "too seldom" meaning that changes don't 
propagate, "or just right" as in the Goldie Locks story.

So long as the root zone is small, has low churn, and the percentage 
of items queried is above some threshold, this technique sounds 
plausible.  As all I am doing here is throwing out some conjecture, 
there may be other concerns that tilt the decision on this the other 
Edward Lewis                                                +1-571-434-5468

Think glocally.  Act confused.

More information about the dns-operations mailing list