[dns-operations] root? we don't need no stinkin' root!

Bill Woodcock woody at pch.net
Mon Nov 25 21:23:40 UTC 2019



> On Nov 25, 2019, at 9:54 PM, Florian Weimer <fw at deneb.enyo.de> wrote:
> The query numbers are surprisingly low.  To me at last.

Duane Wessels did a good study some time ago of queries to the root.  I believe over 99% were bogus, not real queries for resolvable things.

> Do we know why the number of root instances has increased?  Is it
> because of the incoming data is interesting?

In some cases perhaps.  In our case, we typically install eight at each location, and we’ve passed two hundred locations now.  So this:

>    The Domain Name System (DNS) leverages nearly 1K distributed
>    servers

…is not exactly correct…  Perhaps it’s only 1K _locations_.

We provide them to make the root more resilient against DDoS, and to reduce query latency.  But we’re a non-profit which exists for that purpose, we don’t derive any revenue from it, and our finances are publicly audited.  For-profits require revenue, and there’s certainly a market for pcaps taken from in front of root servers.

                                -Bill

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20191125/ea0bf607/attachment.sig>


More information about the dns-operations mailing list