DNS ROOT understanding

Ladislav Vobr lvobr at ies.etisalat.ae
Tue Sep 28 10:55:34 UTC 2004 

Jim Reid wrote:
>>>>>>"Nicolas" == Nicolas Li?nard <nlienard at fr.colt.net> writes:
> 
> 
>     Nicolas> Is there a good way to monitore the life about Root
>     Nicolas> Server ? (ping ? dig ?  other ?)  in order to be warn
>     Nicolas> when there is a problem.
> 
> There is no point in doing this. So don't. Even if you did, what are
> you going to do if you found a problem? [Which is highly unlikely.]
> Who are you going to call? And would they pay any attention to you?

it might be very simple way of saying you have a world connectivity 
problems, I was doing it as well, maybe I am still doing it, I have to 
check :-)

when you run recursive servers, it might get very bussy when the world 
connectivity is not there, it is very difficult on current binds to 
figure out why it is bussy, you can just guess, why you recursive queue 
is full, it might be really different reasons, maybe single nasty user, 
maybe lot of users with viruses, maybe normal users but world 
connectivity problem....

if you know immediatelly that you have this kind of connectivity 
problems, you might possibly do some action, like disable recursion, 
reload, and serve the requests from the cache only, which is basically 
imho better than having completely over-utilized server with completely 
non-responsive service.

Ladislav

> 
> Sure, someone could monitor a root server with ping or dig. But
> there's no need. The root server operators already monitor their name
> servers 24x7. Nothing would be gained if you monitored the servers as
> well. Additional probes from you or anyone else on this list would
> just increase the grossly excessive amount of unwanted and unnecessary
> traffic these servers get already. That's harmful to everyone.
> 
> Besides, if your name server is well-behaved, it will only communicate
> with a root server 4 or 5 times a week: every time it queries for a
> domain name in a TLD that hasn't been cached already. Why worry about
> monitoring that? I doubt you're monitoring the status of the name
> servers and domains that your server queries many times each day.
> These will be the things most likely to create operational problems
> for you, not the root servers. Or most TLD servers for that matter.
> 
> Leave the root servers alone and concentrate on making sure *your*
> name servers are properly configured and operated. If everyone did
> that, we'd all win and the DNS would be in a far, far better state
> than it is at present.
> 
>

More information about the bind-users mailing list