RE: root zone file

Simon_Higgs · April 26, 2002, 10:27pm

Replacing the hints file with the top level zone speeds up lookups, and removes the burden from the root servers:

zone "." {
type master;
file "root.db";
};

However, the best way to do this is to AXFR the root zone off of the root servers (note this is the ORSC root configuration and *NOT* the ICANN root):

zone "." {
         type slave;
         file "root.db.slave";
         masters{ 199.166.24.12;
                         216.13.126.116;
                         199.166.28.10;
                         204.80.125.130;
                         195.117.6.25;
                         199.166.31.3;
                         199.166.31.250;
                         199.5.157.128;
                         204.57.55.100;
                         213.196.2.97; };
};

Irrespective of whether you agree with the contents, this method is a very clean and efficient way to reduce the load on the root servers.

I really don't want to start any discussions about the relative merits of
the ICANN vs. ORSC vs. New.net vs. anything root zones, but I feel like I
need to mention that the main zones on this page are for the ORSC root
servers, not the ICANN ones. The ICANN zone file at the bottom is the hints
file, not the root zone.

Thanks,
Matt

> From: William Warren [mailto:hescominsoon@faithwalk.org]
> Sent: Friday, April 26, 2002 5:20 PM
> To: Curtis Maurand; nanog
> Subject: Re: root zone file
>
> Hope this helps
> http://www.superroot.net/downloads.html
>
> Curtis Maurand wrote:
>
> >
> >Anyone know where I can obtain the latest and greatest? I just tried
> >ftp.icann.org to no avail (host not found.) which is where I
> used to get
> >them.
> >Thanks in advance
> >Curtis
> >
>

Best Regards,

Simon

John_L · April 27, 2002, 2:55am

Replacing the hints file with the top level zone speeds up lookups,
and removes the burden from the root servers:

Only if you have an impressively broken DNS cache. The entries in the
root zone (the real one) all have a TTL of 48 hours. Within about the
first three seconds after you start your cache, it'll have data for
com, org, net, arpa, edu, and whatever other TLDs your users use, and
won't have to visit them again for two days.

I looked at the stats from my DNS cache and 12 TLDs account for 95% of
the lookups, with only 79 TLDs referenced at all. There just isn't
much root zone data used.

I really don't want to start any discussions about the relative merits of
the ICANN vs. ORSC vs. New.net vs. anything root zones, ...

Uh huh.

Paul_A_Vixie4 · April 28, 2002, 3:08pm

Replacing the hints file with the top level zone speeds up lookups,

nope. there are less than 300 top level delegations, and a proper
caching implementation will only hit the roots once a week per tld.

and removes the burden from the root servers:

wrong again. (consider the impact of all those axfr's, from millions
of name servers, whenever the root zone changes.)

but what it _will_ do is add one more config file which contains a
dotted quad that might have to change some day. every few years a
root name server is added or moved. everything is fine as long as
there is _some_ overlap between your hints and the truth. but it's
a whole lot easier to automate the change tracking for a hints file
than for something that tries to make every one of millions of name
servers into stealth slaves of the "." zone.

i've set the reply-to to namedroppers, since this is really not a
north american operations issue.