Acting as stealth slave for root zone
Mark_Andrews at isc.org
Thu Dec 9 22:39:10 UTC 2004
> In article <cpag8g$e8q$1 at sf1.isc.org>, Paul Vixie <vixie at sa.vix.com> wrote:
> >David Carmean <dlc at halibut.com> writes:
> >> > Certainly F has always allowed zone transfers of the root zone, even
> >> > when it was called NS.ISC.ORG back before the letter-names came into
> >> > being. It is ISC's intention to permit AXFR of the root zone from
> >> > f-root, always.
> >> What are your thoughts as a root server operator about this as a
> >> technique to reduce the load on the roots?
> >I think it would have no effect, or make things worse. 97.9% of everything
> >f-root sees is crud, or so it says at
> > http://dns.measurement-factory.com/writings/wessels-pam2003-paper.pdf
> >Running a stealth slave for the root zone could make things worse if you
> >fail to turn off NOTIFY.
> What conditions would cause a slave to send a notify to a master? Or do
> I misunderstand what is being said?
Named is configured to "just work" with the following configuration.
master -> slave -> other slaves
This requires a slave to NOTIFY other slaves. This is also what
is required by RFC 1996.
BIND 9.4 will have "notify master;" which just causes master zones
to send out NOTIFY messages.
> > It could possibly make things better if your
> >local resolvers are a major contributor to the "97.9% is crud". Most
> >likely result is no difference, since statistically speaking if you're
> >clueful enough to run a stealth slave for the root zone, you already aren't
> >part of the "97.9% is crud" problem, and you've got the TLD NS RRsets in
> >your local caches, and you aren't hitting the root servers very hard at all.
> >Paul Vixie
> Tom Schulz
> schulz at adi.com
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the bind-users