[NCLUG] Are you running a local nameserver?

[Bob Proulx]

Michael Milligan wrote:
> This biggest reason is that there was only one IP address change.
> That's a non-event in the DNS world w.r.t. root hints.

I agree that this is a low priority issue.  But it is not zero.

> Perhaps what Bob doesn't know is that the root list is only used to find
> out what the /current/ root list is when a BIND name server starts.

Yes, I was aware of that.  I thought I said almost as much in my
relatively non-technical format.

> It queries the first one for the list (think "dig ns .") and if it
> gets an answer that is authoritative, it uses that list of NS and A
> records to seed the internal cache for the root "." zone (with very
> large TTLs).  If the response is non-authoritative, it tries another
> one.  This is called "priming".

Yes, priming-the-pump.  Hmm...  Where did I hear that before?

> For the current list, the old IP for L-root, when it is retired, will
> just timeout and a different IP in the root hint list will be tried.

Yep.

> So, by not updating your root hints file, whether you use an explicit
> one or wait for a distro upgrade, the only potential for problem here is
> a slight delay if L-root's old IP address is listed first in the file...

Agreed.

> the server has to endure a 5 second timeout before it tries a different
> root.  After that, no delays... all the usual redundancy mechanisms kick
> in (RTT tracking in particular).

Yep.

Bob