[dns-operations] Acceptable query limit to root servers

David opendak at shaw.ca
Tue Jun 7 15:30:14 UTC 2016


On 2016-06-07 9:12 AM, Andrew White wrote:
> Hi fellow DNS operators,
>
> I work at Charter, and this is not an official Charter communique :)
>
> We are considering adding some health checks on our recursive DNS platform.
>
> We'd like to ensure each server has access to the root via a remote dig at
> the recursive server. Specifically we are considering a query to an
> effectively random top-level domain that should always be answered by an
> NXDOMAIN by a root server.
>
> Given the large number of servers and our need to perform this check fairly
> often, this could result in a large number of queries resulting in NXDOMAIN
> to the root.
>

Hi Andrew, if you have a significant amount of recursive servers you may 
want to consider just running your own root servers.

https://tools.ietf.org/html/rfc7706

> Is there a best common practice as to how many of these types queries per
> second are considered non-impacting to the root servers, or a better method
> for determining recursion to the root from a large recursive platform?
>

Given the amount of normal 'abuse' that hits the roots already I doubt 
any of your monitoring would be significant or even noticed.

> Andrew White
>




More information about the dns-operations mailing list