Setting up a Root name server

Mon Sep 6 18:13:21 UTC 1999

Michael Voight wrote:

> chris wrote:
> >
> > There isn't a problem.
> >
> > > slaving all the top-level domains will improve things. And my point
> > >
> >
> > I'm not slaving.
>
> No, but in this context, there is no difference.
> You are getting a copy of the data on the real roots. You are NOT
> creating the data.
>

OK, so by that definition all root servers are slave servers. I thought that you
were stating that I was going to secondary off of the .com domain for example.

>
> >
> > > remains: faster DNS lookups only matter when the existing DNS setup is
> > >
> >
> > You are full of shit on that one. Faster DNS look up is one of the key
> > things that makes an internet connection fast.
>
> Slow connections tend to be due to bad reverse look ups.
> Are you going to be auth for all of the in-addr.arpa zones?
> And most DNS lookups do NOT involve the root servers.
>

I agree, if you don't have reverse DNS on a network, it will crawl

Yes, I have .arpa also.
-rw-r--r--   1 chris    chris    18432060 Aug 25 19:59 inaddr.zone

>
> > As I've said in a few other posts. Yes we are running sites like
> > altavista. Yes we do have a ton of traffic. If one of our customers wants
> > to resolve the 50 million hits a day they get, then we are going to make
> > sure they can do it.
>
> If there is a problem with resolving the PTR record, it is usually
> because they have misconfigured it, not because of a query to root.
>
> >
> > I work with what I can control. I run the DNS servers here, and I would
> > like to do what I can to make things as fast as possible with the
> > resources available.
>
> Then why ask the experts and then disagree with them.
>

I only disagree when experts when they tell me that something can't be done that
I'm sure can be.

>
> > Since when does using nslookup to query a root server have anything to do
> > with local DNS setup,
>
> Since DNS was invented.
>

Funny, I thought you could run nslookup on a machine that has an empty
resolve.conf and still query a root server...

>
>  and as far as my network, I'm proud to say that I'm
> > sitting on one of the better networks in southern california.
> >
> > > might help you to know that the root servers don't recurse. [They're
> >
> > Yeah, we covered this about 3 days ago.. I think just about everyone
> > reading this newsgroup knows how root nameservers function to that degree.
> >
> > >
> > > only supposed to be queried by name servers, not resolvers in things
> > > like nslookup.] Perhaps your "techs" confuse a referral answer from a
> > >
> >
> > no, it's more like you type in nslookup, set server to a root server that
> > you KNOW is geographically close to you, send it a query and get no
> > response. Then you try another root server and still get no response. When
> > this came up it was at about 6pm on a week day.. and I'm sure the internet
> > was really cramped at that hour.
>
> A response NEVER came? Did you get a timeout message?
> What was the query?
>

Yes, they timed out. I'm not trying to say that you can't always get a root
namesever I'm just saying that sometimes your resolver isn't going to be able to
reach it's first choice root name server(or second..). The guy that pointed this
out to me said to me in a kinda frantic voice "The name servers are down" .. My
first thought was how the hell did all my nameservers drop at once. He then
pointed out that he couldn't get a query off of 3 root servers in a row. We
checked pings and traceroutes to the servers to verify that it wasn't a network
problem. I couldn't see anything wrong with the network so I told him to wait 15
min and it would be fine, and it was.
I doubt there is a serious problem with the internet's root nameservers, I just
think that I could perform the same task in-house faster and save a tiny bit of
bandwidth.

>
> But, the fact still remains, if I can get
> > a root server on my network, and get our local nameserves to query it, and
> > have our customers nameservers query it, it will speed things up. I don't
> > know how much it will speed things up but I would like to find out. Since
> > no one seems to have done this before.
>
> If you feel that is the solution then do it..
>

Blah, That's what I'm trying to do!   I don't suppose you would like to help ;-)