[dns-operations] Storm on the DNS

Paul Vixie paul at redbarn.org
Tue Dec 1 19:11:01 UTC 2015

On Tuesday, December 01, 2015 09:59:25 AM Stephane Bortzmeyer wrote:
> On Tue, Dec 01, 2015 at 07:45:49AM +0300,
>  Bill Woodcock <woody at pch.net> wrote
>  a message of 108 lines which said:
> > Do you have a better alternative to suggest?
> We certainly need more root servers. (I know, easier said than done.)

i don't think that assertion is a certainty. depending on the attack model being considered, 
fewer root name server names each having more addresses, or fewer names having only a 
single v4 and/or v6 address per name, but with large scale anycast, or even hierarchical 
(AS112-style) anycast might be better. so it depends on what you mean by "more".

as stephane already knows, this is one of the questions Yeti-DNS will be used to research.

for everyone else, see http://yeti-dns.org/ and consider participating either as an ADNS 
or RDNS (or both!) server operator in this testbed.

P Vixie
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20151201/ba76d202/attachment-0001.html>

More information about the dns-operations mailing list