[NCLUG] Are you running a local nameserver?

Michael Milligan milli at acmeps.com
Wed Nov 7 13:18:28 MST 2007


John L. Bass wrote:
> bob at proulx.com (Bob Proulx) writes:
> 
>>Agreed.  I remember the last time this happened and it was not a
>>problem.
> 
> 
> When I talked with LaMont this afternoon he suggested this was completely
> a non-issue for a number of reasons.

The biggest reason is that there was only one IP address change.
That's a non-event in the DNS world w.r.t. root hints.

Perhaps what Bob doesn't know is that the root list is only used to find
out what the /current/ root list is when a BIND name server starts.  It
queries the first one for the list (think "dig ns .") and if it gets an
answer that is authoritative, it uses that list of NS and A records to
seed the internal cache for the root "." zone (with very large TTLs).
If the response is non-authoritative, it tries another one.  This is
called "priming".

For the current list, the old IP for L-root, when it is retired, will
just time out and a different IP in the root hint list will be tried.
So, by not updating your root hints file, whether you use an explicit
one or wait for a distro upgrade, the only potential for problem here is
a slight delay if L-root's old IP address is listed first in the file...
the server has to endure a 5 second timeout before it tries a different
root.  After that, no delays... all the usual redundancy mechanisms kick
in (RTT tracking in particular).

Regards,
Mike

-- 
Michael Milligan                                   -> milli at acmeps.com
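
Added example, not part of the original message and not BIND's code: a simplified Python model of the priming walk described above, run over a constructed hints file and a simulated network. The addresses are RFC 5737 documentation addresses, and `parse_hints`, `simulated_network`, `prime` and `CURRENT_ROOTS` are hypothetical names.

```python
TIMEOUT_S = 5.0  # per-server timeout quoted in the message

# Constructed hints file in named.root layout. All addresses are RFC 5737
# documentation addresses, not real root server addresses.
HINTS = """\
; constructed sample: the first entry still carries a retired address
.                     3600000  IN  NS  L.ROOT-SERVERS.NET.
L.ROOT-SERVERS.NET.   3600000      A   192.0.2.12
.                     3600000      NS  A.ROOT-SERVERS.NET.
A.ROOT-SERVERS.NET.   3600000      A   192.0.2.4
.                     3600000      NS  B.ROOT-SERVERS.NET.
B.ROOT-SERVERS.NET.   3600000      A   192.0.2.5
"""

# Constructed "current" root list that an authoritative server hands back.
CURRENT_ROOTS = {"A.ROOT-SERVERS.NET": "192.0.2.4",
                 "B.ROOT-SERVERS.NET": "192.0.2.5",
                 "L.ROOT-SERVERS.NET": "192.0.2.42"}

def parse_hints(text):
    """Return [(name, ip)] for the A records, in file order."""
    hints = []
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop comments
        if len(fields) >= 4 and fields[-2].upper() == "A":
            hints.append((fields[0].rstrip(".").upper(), fields[-1]))
    return hints

def simulated_network(ip):
    """Stand-in for a 'dig ns .' query: None means the query timed out."""
    if ip == "192.0.2.12":           # retired address: nothing answers
        return None
    if ip == "192.0.2.4":            # answers, but without the AA bit
        return (False, {})
    return (True, CURRENT_ROOTS)     # authoritative answer

def prime(hints, query):
    """Walk the hints in order until one answer is authoritative."""
    delay, tried = 0.0, []
    for _name, ip in hints:
        tried.append(ip)
        reply = query(ip)
        if reply is None:            # timeout, move to the next hint
            delay += TIMEOUT_S
        elif reply[0]:               # authoritative: seed the cache with it
            return reply[1], delay, tried
    return None, delay, tried        # every hint failed

if __name__ == "__main__":
    print(prime(parse_hints(HINTS), simulated_network))
```

In this run the stale first hint costs a single 5-second timeout, and the cache ends up seeded from the authoritative answer rather than from the hints file.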


