Acting as stealth slave for root zone
Thomas Schulz
schulz at adi.com
Thu Dec 9 21:46:18 UTC 2004
In article <cpag8g$e8q$1 at sf1.isc.org>, Paul Vixie <vixie at sa.vix.com> wrote:
>David Carmean <dlc at halibut.com> writes:
>
>> > Certainly F has always allowed zone transfers of the root zone, even
>> > when it was called NS.ISC.ORG back before the letter-names came into
>> > being. It is ISC's intention to permit AXFR of the root zone from
>> > f-root, always.
>>
>> What are your thoughts as a root server operator about this as a
>> technique to reduce the load on the roots?
>
>I think it would have no effect, or make things worse. 97.9% of everything
>f-root sees is crud, or so it says at
>
> http://dns.measurement-factory.com/writings/wessels-pam2003-paper.pdf
>
>Running a stealth slave for the root zone could make things worse if you
>fail to turn off NOTIFY.
What conditions would cause a slave to send a notify to a master? Or do
I misunderstand what is being said?
> It could possibly make things better if your
>local resolvers are a major contributor to the "97.9% is crud". Most
>likely result is no difference, since statistically speaking if you're
>clueful enough to run a stealth slave for the root zone, you already aren't
>part of the "97.9% is crud" problem, and you've got the TLD NS RRsets in
>your local caches, and you aren't hitting the root servers very hard at all.
>--
>Paul Vixie
>
--
Tom Schulz
schulz at adi.com
More information about the bind-users
mailing list