Acting as stealth slave for root zone
Paul Vixie
vixie at sa.vix.com
Thu Dec 9 02:48:27 UTC 2004
David Carmean <dlc at halibut.com> writes:
> > Certainly F has always allowed zone transfers of the root zone, even
> > when it was called NS.ISC.ORG back before the letter-names came into
> > being. It is ISC's intention to permit AXFR of the root zone from
> > f-root, always.
>
> What are your thoughts as a root server operator about this as a
> technique to reduce the load on the roots?
I think it would have no effect, or make things worse. 97.9% of everything
f-root sees is crud, or so it says at
http://dns.measurement-factory.com/writings/wessels-pam2003-paper.pdf
Running a stealth slave for the root zone could make things worse if you
fail to turn off NOTIFY. It could possibly make things better if your
local resolvers are a major contributor to the "97.9% is crud". Most
likely result is no difference, since statistically speaking if you're
clueful enough to run a stealth slave for the root zone, you already aren't
part of the "97.9% is crud" problem, and you've got the TLD NS RRsets in
your local caches, and you aren't hitting the root servers very hard at all.
--
Paul Vixie
More information about the bind-users
mailing list