[dns-operations] Getting rid of ISP's recursive DNS servers? (Was: Eircom "DNS Attacks" ?

Peter Dambier peter at peter-dambier.de
Sun Jul 19 18:22:57 UTC 2009

Stephane Bortzmeyer wrote:

> Because, if any SOHO (and, why not, residential users) suddenly
> starts to have its own complete resolver, the load on root name
> servers (and TLD name servers) will increase (see Bill Manning's
> article for actual measurements).

I have seen configurations for djbdns at least that do not need
the root-servers at all. Just ftp the file once per week and
prepare it so your dnscache directly queries the tld-servers.

The tld-servers and the other authoritative servers might see
more traffic.

On the other hand the problem we face is every european nation
does introduce censoring right now with the isp's resolvers.
So more and more people say goodby to foreign resolvers and
resolve on their own.

I suspect that very cachepoisoning did result from badly configured
censoring nameservers in the first place. They said it resulted
from their own misconfiguration partly at least.


Peter and Karin Dambier
Cesidian Root - Radice Cesidiana
Rimbacher Strasse 16
D-69509 Moerlenbach-Bonsweiher
+49(6209)795-816 (Telekom)
+49(6252)750-308 (VoIP: sipgate.de)
mail: peter at peter-dambier.de
ULA= fd80:4ce1:c66a::/48

More information about the dns-operations mailing list