[52988] in North American Network Operators' Group

Re: DNS issues various

daemon@ATHENA.MIT.EDU (Doug Barton)
Fri Oct 25 05:00:18 2002

Date: Fri, 25 Oct 2002 01:59:37 -0700 (PDT)
From: Doug Barton <DougB@DougBarton.net>
To: Simon Waters <Simon@wretched.demon.co.uk>
Cc: Nanog@merit.edu
In-Reply-To: <3DB80954.17D4654C@wretched.demon.co.uk>
Errors-To: owner-nanog-outgoing@merit.edu


On Thu, 24 Oct 2002, Simon Waters wrote:

> Last time it was discussed I thought that the provisions already
> in the DNS RFC's to allow zone transfer for "." to recursive
> servers is a neat solution for the root zone.

There are pluses and minuses to that approach. The people at .biz and
.info are _still_ getting complaints from people sitting behind broken
resolvers with bogus copies of the root zone. Doing this in a widespread
manner is likely to lead to more problems of this sort for new TLD's, and
updates to existing ones.

Also, if you consider that <some high percentage> of root server queries
are for the same, say, 10 TLD's, and that those records are cached for 2
days, it would most likely be a net increase in root server traffic to
have millions of resolvers slaving the zone.

Speaking only for myself, I think the combination of anycast and DNSSEC
has the best chance of success; both for the root and gTLD servers.

Doug

