[dns-operations] root? we don't need no stinkin' root!

Mark Allman mallman at icir.org
Mon Dec 2 15:17:30 UTC 2019


Hi Florian!

> What's the change rate for the root zone?  If there is a full
> transition of the name server addresses for a zone, how long does
> it typically take from the first change to the completion of the
> sequence of changes?

Not a direct answer to your question, but a couple empirical bits
from the paper that started this thread ...

    We analyzed a snapshot of the root zone file from each day in
    April, 2019.  On the first of the month the root zone included
    1,532~TLDs and one was deleted during the month.  Of the TLDs,
    all but five have at least one nameserver (by IP address) that
    is constant for the entire month.  That is, if a recursive
    resolver used a root zone file that was out of date by one
    month, 99.6\% of the TLDs would remain accessible.  The five
    TLDs that do not have a constant nameserver for the entire month
    are run by NeuStar and use a slowly rotating set of IP addresses
    for the TLD nameservers.  The overlap ensures that a root zone
    file that is no more than 14~days out of date will ensure
    constant TLD reachability.  Further, comparing the root zone
    files on April 1, 2018 and April 1, 2019 we find that all but
    50~TLDs (3.3\%) would still retain reachability with a root zone
    file that is a year out of date.

Obviously, there could be a more comprehensive analysis, but I think
that gives some idea about how stable the root zone file is in
practice.

allman


More information about the dns-operations mailing list