default dns config change causing major poolpah
markir at paradise.net.nz
Thu Aug 2 07:27:49 UTC 2007
Peter Losher wrote:
> One of the other objections I have with this change (other than the fact
> that it was made w/o consultation) is the fact that this is would become
> the "default" setting. Yes, busy mail servers may be better served by
> slaving frequently used zones, and as Vixie mentioned on the
> dns-operations list, there is less objection if "wizards" use AXFR, and
> they would perhaps know more of the pitfalls that doing this entails
> (vs. relying on hints).
> But the fact is this is being enabled for every Tom, Dick, and Sarah
> operating a OS who won't know what the possible ramifications are of
> this change, and the benefit compared to the downside is nonexistant.
> And that is *BAD, BAD, BAD*. Has this change been raised on the
> relevant IETF DNS operations list? These are the defaults we are
> talking about here.
On the ramifications - I run named purely as a caching resolver (my
isp's dns servers are pathetically slow)... and I was somewhat surprised
to discover that I'm *now* slaving zones from the root servers - it's
not that I'm especially stupid (I hope...), but rather that I set this
up before this change came into effect and didn't notice it during
The thing that concerns me now is this: are there many folks in a
similar situation, are we gonna be unwittingly hammering these root servers?
More information about the freebsd-stable