Re: Problems with named default configuration in 6-STABLE

On 07/17/07 11:06, Heiko Wundram (Beenic) wrote:
On Tuesday 17 July 2007 10:52:43 Volker wrote:
<snip>
Relying on a zone transfer doesn't seem to be reliable to me as more
than half of the root servers doesn't reply to AXFR requests.

I've heard pretty much the same thing as you did wrt. root name servers
denying AXFR, but as "it works" (TM), I don't see a reason not to use it. And
it seems that the author of the FreeBSD default named.conf thought likewise,
which is pretty okay with me (from the experience I gathered this morning).

By the way: using the roots as hints only adds to the number of requests your
server has to do in order to retrieve first-level domain name servers, so in
the end, the transmitted data should be way higher than doing one AXFR to
find them (simply because you'll see a large subset of those toplevel domains
being requested when you're publically offering a DNS server). And the data
is also cached on an AXFR in persistant storage, which is another major
benefit (for me).


Remember, AXFR requires a TCP transfer and not every firewall will
happily let it pass.

I (partially) agree to the speedup effects you mentioned but if just 5
out of 13 root servers support AXFR, your bind will sit for a while to
find a root server responding to it's AXFR requests. That may eat up
your speed improvements. Type hint for the root zone always works
(regardless of the firewall and which root server is being queried).

Volker
_______________________________________________
freebsd-stable@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe@xxxxxxxxxxx"

Relevant Pages