[dns-operations] root? we don't need no stinkin' root!

Jim Reid jim at rfc1035.com
Tue Nov 26 09:07:55 UTC 2019

> On 25 Nov 2019, at 22:31, Paul Ebersman <list-dns-operations at dragon.net> wrote:
> Actually, it's a great argument for longer TTLs and caching doing what
> they're supposed to.

It would be if the root only got queries from well behaved recursive resolvers. But we both know Paul that simply isn't true.

Well over 90% of the query traffic at the root has no reason to be going there at all. For instance stub resolvers that don't care about TTLs or do any sort of caching, Chrome's 10-character nonce strings to detect NXDOMAIN rewriting, CPE querying for .home, enterprises leaking queries for .corp, etc, etc.

The amount and breadth of the crap that hits the root is staggering. I suppose that'll also be true for the recursive service offered by the likes of google or Comcast.

More information about the dns-operations mailing list