Potential Problems - ISP building 'root mirrors'
Barry Margolin
barmar at alum.mit.edu
Mon Jun 27 23:59:03 UTC 2005
In article <d9pf10$2s2u$1 at sf1.isc.org>,
Steve Mueller <smuellerPLEASE at NOsbcSPAM.com> wrote:
> I've been tasked with looking into the root mirrors my predecessor put
> place. I think this is a really bad idea, but some pointy haired person
> wrote up an executive report that said the root servers are a DoS attack
> away from bringing our network to a halt.
>
> Like I said, I don't really agree with this whole idea, but I'm going to
> stay as openminded about it as possible until I see some data/facts.
I think you would be surprised how infrequently you need to query the
root servers, since you'll cache most of the data you need pretty
quickly. Run tcpdump on your caching servers to capture the traffic to
the root servers and you'll see.
I'd be much more worried about the COM servers, but it's also much
harder to mirror them.
--
Barry Margolin, barmar at alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
More information about the bind-users
mailing list