* Paul Vixie: >> Large numbers of sites have been depending on this behaviour for over 15 >> years, so it was wrong of RFC 3484 to break it. > > some number of vendors have depended on revenue from selling this feature > but i'd say that only a small number of sites ever saw any benefit from it. pool.ntp.org, security.debian.org, rsync.gentoo.org, [a-o].ns.spamhaus.org, [a-n].surbl.org. In general the "large RRset" approach is used by those who do not buy special DNS appliance to serve their zones, I think. Many CDNs also serve multiple addresses selected from a larger pool, probably based on network topology and server load/availability. Those folks can mitigate Rule 9 impact by carefully tuning the address set in each response. But those who rely on IETF protocols to distribute and publish their DNS data are out of luck. (Another approach to deal with the Rule 9 fallout is to put all your servers into a dedicated prefix, but I don't think this is a good idea in general.) -- Florian Weimer <fweimer@xxxxxx> BFK edv-consulting GmbH http://www.bfk.de/ Kriegsstraße 100 tel: +49-721-96201-1 D-76133 Karlsruhe fax: +49-721-96201-99 _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf