[dns-operations] Everyone as root server ? Was: FreeBSD and the slaving of the root zone

Paul Vixie paul at vix.com
Tue Jul 31 21:24:39 UTC 2007


since the roots aren't sending these freebsd systems NOTIFY packets, they're
going to follow the SOA timers.  so instead of a million freebsd hosts sending
me UDP all day, i get a million of them asking for AXFR after each daily zone
change.

if their firewall configs change and they can't fetch the root zone, they'll
just go stale after a week's time.  same thing if the roots change their AXFR
policy, which is a diagnostic, not a production, service.  same thing if
the roots renumber.

if we renumber, they'll continue bashing the old address for decades.

they won't see changes until they refresh.  without NOTIFY that's once every
86400 seconds, with a retry every 3600 seconds if that refresh fails.

there is no opportunity to measure and characterize the traffic hitting the
roots to discover broken versions of firefox or whatever.

that's just off the top of my head.  this is a terrible, terrible, terrible
idea, and doesn't even have an upside for some users, according to malone.
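
The refresh, retry and expire behaviour described in the message above, as an added example that is not part of the original post: a small simulation of a secondary that receives no NOTIFY and polls purely on SOA timers. The timer values are the ones quoted in the post (not read from a live SOA record); `simulate`, `visible_at` and the blocked-window input are hypothetical names constructed for this illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class SoaTimers:
    refresh: int  # seconds between polls while transfers succeed
    retry: int    # seconds between polls after a failed refresh
    expire: int   # seconds after the last success at which the zone goes stale

# Numbers quoted in the post: daily refresh, hourly retry, stale after a week.
POST_TIMERS = SoaTimers(refresh=86400, retry=3600, expire=7 * 86400)

def simulate(timers, horizon, blocked):
    """Walk the poll schedule of a secondary that never gets a NOTIFY.

    blocked: constructed list of (start, end) windows, in seconds, during
    which the transfer fails (e.g. a firewall change or a renumbered primary).
    Returns (attempts, expired_at): attempts is a list of (time, succeeded);
    expired_at is the first moment the zone copy expires, or None.
    """
    attempts, last_ok, expired_at = [], 0, None  # zone loaded cleanly at t=0
    t = timers.refresh
    while t <= horizon:
        if expired_at is None and t >= last_ok + timers.expire:
            expired_at = last_ok + timers.expire
        ok = not any(start <= t < end for start, end in blocked)
        attempts.append((t, ok))
        if ok:
            last_ok = t
        # Success schedules the next poll a full refresh away; failure
        # drops to the retry interval, and polling continues after expiry.
        t += timers.refresh if ok else timers.retry
    if expired_at is None and horizon >= last_ok + timers.expire:
        expired_at = last_ok + timers.expire
    return attempts, expired_at

def visible_at(attempts, change_time):
    """Time at which a change published at change_time reaches the secondary."""
    for t, ok in attempts:
        if ok and t >= change_time:
            return t
    return None

if __name__ == "__main__":
    day = 86400
    # Constructed scenario: transfers stop working shortly after day 1.
    attempts, expired = simulate(POST_TIMERS, 10 * day, [(100000, float("inf"))])
    failed = sum(1 for _, ok in attempts if not ok)
    print(f"failed polls in 10 days: {failed}, zone expired at t={expired}s")
```

An operator running such a secondary would alert on the gap between the last successful transfer and now, well before it reaches the expire value.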
