[dns-operations] FreeBSD and the slaving of the root zone
Matt Larson
mlarson at verisign.com
Tue Jul 31 20:11:55 UTC 2007
On Tue, 31 Jul 2007, Paul Vixie wrote:
> this is a really, really, really terrible idea.
Then why is f.root-servers.net allowing outbound AXFR of the root zone
(which is contraindicated by RFC 2870, or if you prefer, RFC 2010)?
On Tue, 31 Jul 2007, Paul Vixie wrote:
> does everybody else think this is a good idea?
I think it's a compelling idea worth exploring. The roots get a truly
vast amount of crap thrown at them and negative caching doesn't help
much, since it can only cache the nonexistence of individual QNAMEs.
(For some recent research, see
http://public.oarci.net/files/dnsops-2007/Toyono-Caching-analysis.pdf.)
The biggest advantage of a locally served root, in my opinion, would
be stopping all that traffic. It would be interesting to do the math
to see if there'd be a net savings in bandwidth usage: I bet a
recursive name server wouldn't have to be very busy for twice-daily
zone transfers over TCP to consume less bandwidth than the flood of
crap queries it would otherwise be sending to the roots.
I'll second Olafur's suggestion: let's not get bogged down in
discussing the burden on the root servers. That's a red herring,
since they shouldn't be offering outbound AXFR. Rather, let's discuss
if a locally served root is a good idea. If it is, there are all
kinds of options for distribution.
Matt
More information about the dns-operations
mailing list