[dns-operations] EDNS and TLDs

Paul Vixie paul at redbarn.org
Thu Nov 17 03:16:35 UTC 2016

Matthew Pounsett wrote:
> ... Since the NOERROR responses for '.' are cachable, I'm not sure
> I'd classify the queries as harm.

most of the queries received by the root are meaningless, erroneous, or
useless. a fairly large share of them come from behind firewalls, so we
hear their question but they can't hear our answer.

so even if caching of ANCOUNT==0 and RCODE=3 were as common as caching
of ANCOUNT>1, which they by no means are, i would classify these queries
as harm. no pebble feels responsible for the landslide.

> ... However, a better choice would probably be setting the MNAME to
> some nonexistant domain name under the operator's direct control.

that'd be ok by me. maybe we need a BCP-RFC on that topic? (not me, not me)

> It might be worth noting that IANA requires the MNAME in a gTLD to be
> a real host, which guarantees that TLDs see UPDATE noise that they
> would rather not receive.

that's bizarre and useless.

> I've always been a little annoyed that no "do not send updates"
> signal was never considered when the UPDATE mechanism was codified.

please reconsider. had we thought of this we would have codified "."
just as you described a very-large CCTLD using today. and it would not
have been implemented, any more than the "." rule for MX was ever

P Vixie

More information about the dns-operations mailing list