Re: 13 Root Server Limitation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On 2004-05-17, at 00.22, Dean Anderson wrote:

> On Sun, 16 May 2004, Thomas Bocek wrote:
>
>> Hi
>>
>> Iâm confused with the fact than the number of root servers is limited 
>> to 13.
>> From RFC 3226:
>>
>> "The current number of root servers is limited to 13 as that is the 
>> maximum
>> number of name servers and their address records that fit in one 
>> 512-octet
>> answer for a SOA record.  If root servers start advertising A6 or KEY 
>> records
>> then the answer for the root NS records will not fit in a single 
>> 512-octet DNS
>> message, resulting in a large number of TCP query connections to the 
>> root
>> servers."
>>
>> A query send to one of the root servers with a long name (length 255)
>> shows that the answer is 511 bytes, returning one A and 13 NS records.
>> My question is: Why are all 13 NS returned?

[snip]

> This dubious anycast configuration was discussed and "approved" by the
> NAMEDROPPERS Working Group in late November, 2002.

To the best of my knowledge there where root-servers anycasted way 
before this date. And I have no idea why the namedroppers mailinglist 
(or the IETF for that matter) would have to approve how the 
root-servers are operated?

> Unfortunately for the
> anycast discussion, the list then became distracted by discussions
> concerning procedural irregularities involving the AXFR-clarify Draft,
> which would have altered the DNS AXFR and IXFR protocol to conform to 
> the
> non-standard ISC/BIND implementation, despite a number of other
> implementations being able to follow the AXFR and IXFR specifications.
> This quickly developed into a discussion regarding abuse by the list
> administrator (Randy Bush) with respect to Dan Bernstein, and so the
> anycast discussion was abandoned.
>
> As the IETF list members are perhaps unaware, the charges of abuse by 
> ISC
> and ISC-promoters is hardly new.  It is very hard to get real work 
> done in
> the DNS working groups as a result.  ISC/BIND promoters have the 
> working
> group tied up with gratuitous alterations to widely implemented 
> protocols
> (eg AXFR-clarify) and irrational and misleading changes (eg IN-ADDR
> required) that have been demonstrated to either be security risks or
> dangerously misleading security placebo's, and have tried to suppress
> dissent on these issues by refusing to accept email, and in the past,
> silently discarding email, and otherwise harrassing people who offer
> reasoned and detailed objections.
>
> I and others would probably be more involved in issues like DNSSEC, 
> and no
> doubt more progress would be made, if it weren't for the distractions 
> of
> the mismanagement of the IETF and its working groups.

I've got no idea what this has to do with the number of root-servers.

- - kurtis -

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0.3

iQA/AwUBQKitaKarNKXTPFCVEQJ2egCgs69tH2LXGKZI12ZEzhNJ2LVKaVkAoP0s
zo+h2jIT17WGxiR4Rkd6k/8p
=Vd76
-----END PGP SIGNATURE-----


_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]