[dns-operations] FreeBSD and the slaving of the root zone

Matt Larson mlarson at verisign.com
Tue Jul 31 20:11:55 UTC 2007

On Tue, 31 Jul 2007, Paul Vixie wrote:
> this is a really, really, really terrible idea.

Then why is f.root-servers.net allowing outbound AXFR of the root zone
(which is contraindicated by RFC 2870, or if you prefer, RFC 2010)?

On Tue, 31 Jul 2007, Paul Vixie wrote:
> does everybody else think this is a good idea?

I think it's a compelling idea worth exploring.  The roots get a truly
vast amount of crap thrown at them and negative caching doesn't help
much, since it can only cache the nonexistence of individual QNAMEs.
(For some recent research, see
The biggest advantage of a locally served root, in my opinion, would
be stopping all that traffic.  It would be interesting to do the math
to see if there'd be a net savings in bandwidth usage: I bet a
recursive name server wouldn't have to be very busy for twice-daily
zone transfers over TCP to consume less bandwidth than the flood of
crap queries it would otherwise be sending to the roots.

I'll second Olafur's suggestion: let's not get bogged down in
discussing the burden on the root servers.  That's a red herring,
since they shouldn't be offering outbound AXFR.  Rather, let's discuss
if a locally served root is a good idea.  If it is, there are all
kinds of options for distribution.


More information about the dns-operations mailing list