Date: Wed, 1 Aug 2007 18:04:50 -1000 From: Randy Bush <randy@psg.com> To: Peter Losher <Peter_Losher@isc.org> Cc: Doug Barton <dougb@FreeBSD.org>, FreeBSD Stable <freebsd-stable@freebsd.org>, FreeBSD Current <freebsd-current@freebsd.org> Subject: Re: default dns config change causing major poolpah Message-ID: <18097.22498.575342.155398@roam.psg.com> References: <46B01D5E.6050004@psg.com> <20070801110727.GC59008@menantico.com> <46B0EDEA.8050608@FreeBSD.org> <20070801211320.GE59008@menantico.com> <46B10A28.8000908@FreeBSD.org> <46B12E06.5030809@isc.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> in addition nowhere does it state in RFC2870 that the root-servers have to
> accept AXFR's as part of their service.
in fact, the opposite
2.7 Root servers SHOULD NOT answer AXFR, or other zone transfer,
queries from clients other than other root servers. This
restriction is intended to, among other things, prevent
unnecessary load on the root servers as advice has been heard
such as "To avoid having a corruptible cache, make your server a
stealth secondary for the root zone." The root servers MAY put
the root zone up for ftp or other access on one or more less
critical servers.
randy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?18097.22498.575342.155398>