[dns-operations] Acceptable query limit to root servers

Andrew White andrew at vivalibre.com
Tue Jun 7 18:16:56 UTC 2016


Hi DRC,

Thanks for your reply. If we have a root server on-net, then I still have
the issue of not knowing whether my recursive server has working outbound
connectivity; a local copy of the root then moves the issue to the TLD
servers.

Andrew

On Tue, Jun 7, 2016 at 12:32 PM, David Conrad <drc at virtualized.org> wrote:

> Hi,
>
> On Jun 7, 2016, at 8:12 AM, Andrew White <andrew at vivalibre.com> wrote:
> > We are considering adding some health checks on our recursive DNS
> platform.
> >
> > We'd like to ensure each server has access to the root via a remote dig
> at the recursive server. Specifically we are considering a query to an
> effectively random top-level domain that should always be answered by an
> NXDOMAIN by a root server.
> >
> > Given the large number of servers and our need to perform this check
> fairly often, this could result in a large number of queries resulting in
> NXDOMAIN to the root.
>
> Not that it's likely your probes will go above the noise in the noise, why
> not mirror the root (a la https://tools.ietf.org/rfc/rfc7706.txt)?
>
> Regards,
> -drc
> (speaking only for myself)
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20160607/164a70f2/attachment.html>


More information about the dns-operations mailing list