Jeremy Chadwick wrote: > On Thu, Aug 02, 2007 at 01:49:39PM -0700, Doug Barton wrote: >> Oliver Fromme wrote: >>> Hi, >>> >>> Just for the record, I like the current solution, i.e. default >>> being a "hint" zone, and slave zones being commented out, ready >>> to be used for those who know what they're doing. > > I second this. And although I like Doug's use of AXFR from the > roots (like others reported, it definitely speeds things up), I > also want to continue to respect rootserver operators and dns-ops's > concerns. Something that I haven't mentioned but I think is probably worth pointing out is that at least for Paul Vixie (operator of f.root) the concern is not for the root servers, it's for potential problems on the client side. The following is from http://lists.oarci.net/pipermail/dns-operations/2007-August/001920.html i remain perplexed about the general perception that AXFR is bad for a root name server. it's not. RFC1035 describes some resource management techniques for TCP state blobs, which the root servers follow. the chance that an AXFR will be blown away by a TCP query is very high, and so, it's bad for clients to make production use of AXFR from busy servers.i remain perplexed about the general perception that AXFR is bad for a root name server. it's not. RFC1035 describes some resource management techniques for TCP state blobs, which the root servers follow. the chance that an AXFR will be blown away by a TCP query is very high, and so, it's bad for clients to make production use of AXFR from busy servers. The 3 zones in question are actually really small: -rw-r--r-- 1 bind wheel 1.6K Aug 2 14:25 arpa.slave -rw-r--r-- 1 bind wheel 23K Aug 2 14:24 in-addr.arpa.slave -rw-r--r-- 1 bind wheel 64K Aug 2 14:30 root.slave so I'm not sure how much of a problem this is in practice. > So offering the template configuration to do so, but not enabling > it by default, is a very good thing. Thank you for doing this, > Doug. Glad to do it. I'm also glad to see that this topic is getting serious discussion. Doug -- This .signature sanitized for your protectionReceived on Thu Aug 02 2007 - 19:49:30 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:15 UTC