To:
Pekka Savola <pekkas@netcore.fi>, Jim Reid <Jim.Reid@nominum.com>
Cc:
DNS Operations <dnsop@cafax.se>
From:
David Conrad <david.conrad@nominum.com>
Date:
Wed, 23 Oct 2002 06:56:17 -0700
In-Reply-To:
<Pine.LNX.4.44.0210231501230.31655-100000@netcore.fi>
Sender:
owner-dnsop@cafax.se
User-Agent:
Microsoft-Entourage/10.1.0.2006
Subject:
Re: anycast
A correction. I mis-remembered the comment (posted to NANOG) from Sean Donelan I referenced. Specifically, Sean said: > DNS clients "need" to communicate with root servers infrequently. > CAIDA (http://www.caida.org/projects/dns-analysis/) data measurements > show an average (50th-percentile) DNS client contacts the root name > servers less than 8 times in a week. 8 times a week is a bit different than once every eight days, ne? Apologies for any confusion. However, I still stand behind the underlying concept -- the way DNS works makes this sort of optimization superfluous. Addressing the rest of Pekka's most recent note: > I believe the discussion was also about those servers possibly having > ccTLD and gTLD data. I'm not aware of the discussion -- all I saw was Randy Bush posting a bad idea, purportedly coming from Steve Bellovin. Sounds like further machinations by the "DNS Cabal"(tm) (:-) if it is necessary). > Imagine a situation where you could get every xxx.yyy name without going > outside of your AS? All things being equal, I'd agree that this sort of decentralization is good. Unfortunately, all things aren't equal -- there is currently no way to determine if the root data returned is "corrupted". When there is a way (e.g., when the root zone is DNSSEC signed), I'd think it'd be a good idea to hold off encouraging people from pretending to own address space they don't have a right to. Note that this is different than what some of the root servers are currently doing wrt anycast. Those root servers are announcing the address space they have been delegated from their AS. Rgds, -drc #---------------------------------------------------------------------- # To unsubscripbe, send a message to <dnsop-request@cafax.se>.