[dns-operations] Defining the "be like a root" problem

Doug Barton dougb at dougbarton.us
Fri May 18 04:26:26 UTC 2012

On 5/17/2012 8:36 PM, paul vixie wrote:
> On 5/17/2012 9:58 PM, Paul Hoffman wrote:
>> From looking at the thread, I'm not convinced that you are correct.
>> The common definition of being a slave zone is that you are just as
>> authoritative as the primary.

Given that the root ops are not responsible for the content of the zone,
but are merely acting as slaves themselves, I would say that in this
context you're approximately correct.

>> To me, that means "act like a root server".

Now you've added some very loaded terminology without clear meaning. I
can only say that for my part "act like a root server" is not anything
I've ever suggested. Paul V's description in his first paragraph below
fits neatly with my concept of what we're advocating.


>> Using "slave" as a verb seems to have the meaning "transfer
>> the zone in order to act like a slave", but some people have talked
>> about other ways of updating other than zone transfers.
> let me clarify my own intention. if an rdns operator whose software is
> also capable of slaving a zone wants to slave the root zone in order to
> avoid going upstream to the roots to learn where 'com' is and in order
> to be able to generate authoritative nxdomain responses without a round
> trip, that's both an individual good and a greater good.
> in no case would i advise any form of policy based routing or route
> hijacking or anything else that would cause any dns initiator to end up
> talking to this hybrid rdns+rootslave when they thought they were
> talking to, or were in fact trying to talk to, a root name server.
> it's just a way to hotwire the cache, not to change 'who is a root
> server operator'.
> paul

    If you're never wrong, you're not trying hard enough

More information about the dns-operations mailing list