Negative zones; NXDOMAIN responses
Mark Andrews
marka at isc.org
Tue May 21 08:02:14 UTC 2013
In message <20130521072352.GA17623 at fantomas.sk>, Matus UHLAR - fantomas writes:
> On 21.05.13 11:03, Mark Andrews wrote:
> > The simplest solution is to slave the root zone and
> > turn off notify to so you don't spam the official
> > root servers. 192.5.5.241 is f.root-servers.net.
> >
> >zone "." IN {
> > type slave;
> > file "slave/root";
> > masters { 192.5.5.241; };
> > notify no;
> >};
>
> I thought this is not oficially recommended for ordinary users to prevent
> root servers from being overloaded (transfers use much more resources than
> ordinary lookups). Has this changed?
Zone transfers of the root zone by recursive servers would actually
reduce the overall load on root nameservers. The bigger the recursive
server the more this is true as most queries to the root servers
are for non-existent domains. Actual referrals get cached which
draws legitimate traffic away from the root servers towards the TLD
servers. 16 SOA queries a day plus 2 AXFR/IXFR requests for normal
operations.
Just don't add lots the root servers in the masters cause as the
root server operators do check that their servers are transfering
the root zone.
Mark
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the bind-users
mailing list