[dns-operations] FreeBSD and the slaving of the root zone
David Conrad
drc at virtualized.org
Tue Jul 31 17:36:50 UTC 2007
On Jul 31, 2007, at 9:13 AM, Edward Lewis wrote:
> At 15:50 +0000 7/31/07, Paul Vixie wrote:
>
>> it's not my turn. does everybody else think this is a good idea?
>> start with the fact that root nameservers renumber from time to time,
>> and go from there.
>
> Let's start with the potential renumbering of the root servers.

Perhaps I'm dense, but I don't see how renumbering root servers is a
big deal in this context. Renumbering root servers is already hard.
I'm not sure why this would make it any harder. Of course, the
difficulty in renumbering root servers argues for the /32s and /128s
for root service to be fixed in concrete (that is, becoming
essentially protocol elements standardized in an RFC), but I know
some of the root server operators get the twitches when I raise this.

> An upside of having the root zone local is that the recursive server
> (assuming that's the function to cite) will not recurse to the root.
> Not for "good queries" and not for "bad queries."

Upsides include:
- greater decentralization that should reduce load
- DDoS attacks against the root servers would have less impact

Downsides include:
- increased load on the root servers as a result of the zone transfers

This downside could be alleviated by having the zone transfer source
be different than the actual root servers.

Rgds,
-drc