[dns-operations] Root-servers returning TC=1 after 5 NXDOMAINS
Matthew Pounsett
matt at conundrum.com
Tue Feb 10 14:26:34 UTC 2015
On Feb 10, 2015, at 09:06 , Emil Natan <shlyoko at gmail.com> wrote:
> If this is an issue with the F-root only it would be easier to use hints file with the F excluded instead of managing local root zone and keeping it up to date.
This is Response Rate Limiting in action… they’re not explicitly limiting NXDOMAIN responses; they’re limiting identical responses. If Bert’s server was asking for the same A record over and over that would get truncated and forced over to TCP as well. It’s probably not only F, although I don’t think I’ve seen a comprehensive list of which root instances are running RRL.
More information about the dns-operations
mailing list