[dns-operations] FreeBSD and the slaving of the root zone
Emilio Perea
eperea at walkereng.com
Tue Jul 31 22:05:48 UTC 2007
On Tue, Jul 31, 2007 at 01:32:17PM -0700, Jason Fesler wrote:
> I'm very interested in this idea; both to reduce unwarranted traffic,
> and to also get a faster NXDOMAIN. I don't think I'd want to propose
> a default name server config that did this though. I have thousands
> of name servers that really shouldn't individualy slave that zone,
> for instance; but for me to fetch it from a couple of locations, and
> in turn feed it to all the resolvers via whatever means (axfr, rsync,
> multicast, whatever) seems like a win for me personally. Having the
> largest DNS-(ab)using organizations slave the root zone, seems like
> it'd be a win for the root server operators.
Being at the smaller end of the scale, I transfer the root zone (from
f.root-servers.net) once a month and rsync it to a half-dozen other
resolvers. In the three years I've done this I haven't run into any
problems due to stale data, and there was a noticeable improvement in
response time when this was implemented.
I believe it was a good solution for our small company, but don't know
how well it scales. The idea of every resolver getting daily root zone
transfers by default just boggles the mind, though...
More information about the dns-operations
mailing list