[dns-operations] Root-servers returning TC=1 after 5 NXDOMAINS

Emil Natan shlyoko at gmail.com
Tue Feb 10 14:06:33 UTC 2015 

If this is an issue with the F-root only it would be easier to use hints
file with the F excluded instead of managing local root zone and keeping it
up to date.

Emil

On Tue, Feb 10, 2015 at 2:44 PM, 🔒 Roy Arends <roy at dnss.ec> wrote:

>
> > On 10 Feb 2015, at 12:40, bert hubert <bert.hubert at netherlabs.nl> wrote:
> >
> > On Tue, Feb 10, 2015 at 11:34:35AM +0000, ? Roy Arends wrote:
> >>> We've since tried to curtail our queries to the root severly, but we
> still
> >>> get TC=1 responses a lot, which slows down our resolution.
> >>
> >> Have you thought about running a local copy of the root zone?
> >
> > More frequently now, yes. But I wonder if that is the intention. Is
> there an
> > official policy on root-servers that allow AXFR yet?
>
> Not sure if there is.
>
> > Can one count on this
> > working?
>
> Not sure on that either.
>
> I fetch my local copy here: ftp://rs.internic.net/domain/root.zone
>
> Has been working for years.
>
> >
> >>> We shared our concerns with ISC, but it might be good to have a broader
> >>> discussion on if it makes sense to set the bar so very low.
> >>
> >> It doesn’t make sense to set the bar low on a single instance. What
> might
> >> happen is that due to some server selection algorithm, this server gets
> a
> >> penalty and the resolver flocks to other root-servers.
> >
> > The penalty of TCP/IP by the way is so slight this does not change
> > nameserver selection in my case. If you'd count the cost of the original
> > query PLUS the TC=1 redirect, it might matter a bit more.
>
> Ack.
>
> Roy
>
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20150210/c83d98fc/attachment.html>

More information about the dns-operations mailing list