[dns-operations] Root-servers returning TC=1 after 5 NXDOMAINS
shlyoko at gmail.com
Tue Feb 10 14:06:33 UTC 2015
If this is an issue with the F-root only it would be easier to use hints
file with the F excluded instead of managing local root zone and keeping it
up to date.
On Tue, Feb 10, 2015 at 2:44 PM, Roy Arends <roy at dnss.ec> wrote:
> > On 10 Feb 2015, at 12:40, bert hubert <bert.hubert at netherlabs.nl> wrote:
> > On Tue, Feb 10, 2015 at 11:34:35AM +0000, ? Roy Arends wrote:
> >>> We've since tried to curtail our queries to the root severly, but we
> >>> get TC=1 responses a lot, which slows down our resolution.
> >> Have you thought about running a local copy of the root zone?
> > More frequently now, yes. But I wonder if that is the intention. Is
> there an
> > official policy on root-servers that allow AXFR yet?
> Not sure if there is.
> > Can one count on this
> > working?
> Not sure on that either.
> I fetch my local copy here: ftp://rs.internic.net/domain/root.zone
> Has been working for years.
> >>> We shared our concerns with ISC, but it might be good to have a broader
> >>> discussion on if it makes sense to set the bar so very low.
> >> It doesn’t make sense to set the bar low on a single instance. What
> >> happen is that due to some server selection algorithm, this server gets
> >> penalty and the resolver flocks to other root-servers.
> > The penalty of TCP/IP by the way is so slight this does not change
> > nameserver selection in my case. If you'd count the cost of the original
> > query PLUS the TC=1 redirect, it might matter a bit more.
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> dns-jobs mailing list
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the dns-operations