[dns-operations] Defining the "be like a root" problem

Dave Knight dave at knig.ht
Fri May 18 13:14:32 UTC 2012


On 2012-05-17, at 5:58 PM, Paul Hoffman wrote:

> On May 17, 2012, at 12:38 PM, Dave Knight wrote:
> 
>> 
>> On 2012-05-17, at 2:28 PM, Paul Hoffman wrote:
>> 
>>> Just to put a stake in the ground, is this the problem statement people agree with:
>>> 
>>> Some ISPs want to act like root servers, so the root server operators should help those ISPs do so.
>> 
>> There's an important distinction to be made between 'act like a root server' and 'slave the root zone'. Their appropriate course of action in the first case ought to be to contact a root server operator to discuss hosting an anycast instance. It's the second case we're discussing here.
> 
>> From looking at the thread, I'm not convinced that you are correct. The common definition of being a slave zone is that you are just as authoritative as the primary. To me, that means "act like a root server". Using "slave" as a verb seems to have the meaning "transfer the zone in order to act like a slave", but some people have talked about other ways of updating other than zone transfers.

Sorry, I could have made myself more clear. The distinction I was making was between 'serving the root zone on your cache' and 'pretending to be a root server', ie hijacking the IP address of a real root server and pretending to be it.

dave


More information about the dns-operations mailing list