[dns-operations] FreeBSD and the slaving of the root zone

Matt Larson mlarson at verisign.com
Tue Jul 31 20:11:55 UTC 2007


On Tue, 31 Jul 2007, Paul Vixie wrote:
> this is a really, really, really terrible idea.

Then why is f.root-servers.net allowing outbound AXFR of the root zone
(which is contraindicated by RFC 2870, or if you prefer, RFC 2010)?

On Tue, 31 Jul 2007, Paul Vixie wrote:
> does everybody else think this is a good idea?

I think it's a compelling idea worth exploring.  The roots get a truly
vast amount of crap thrown at them and negative caching doesn't help
much, since it can only cache the nonexistence of individual QNAMEs.
(For some recent research, see
http://public.oarci.net/files/dnsops-2007/Toyono-Caching-analysis.pdf.)
The biggest advantage of a locally served root, in my opinion, would
be stopping all that traffic.  It would be interesting to do the math
to see if there'd be a net savings in bandwidth usage: I bet a
recursive name server wouldn't have to be very busy for twice-daily
zone transfers over TCP to consume less bandwidth than the flood of
crap queries it would otherwise be sending to the roots.

I'll second Olafur's suggestion: let's not get bogged down in
discussing the burden on the root servers.  That's a red herring,
since they shouldn't be offering outbound AXFR.  Rather, let's discuss
if a locally served root is a good idea.  If it is, there are all
kinds of options for distribution.

Matt



More information about the dns-operations mailing list