From: Doug Barton
Organization: http://www.FreeBSD.org/
Date: Thu, 02 Aug 2007 03:14:38 -0700
To: Matthew Dillon
Cc: FreeBSD Current, FreeBSD Stable
Subject: Re: default dns config change causing major poolpah
Message-ID: <46B1AE8E.8030307@FreeBSD.org>
In-Reply-To: <200708020135.l721Zm2s026224@apollo.backplane.com>

Matthew Dillon wrote:
> I generally recommend using our 'getroot' script to download an actual
> root.zone file instead of using a hints file (and I guess AXFR is supposed
> to replace both concepts).

Yes to AXFR replacing both, but ...

> It has always seemed to me that actually
> downloading a physical root zone file once a week is the most reliable
> solution.

This is a really bad idea. The root zone changes slowly, but it often changes more than once a week. Add to that the more-rapid deployment of new TLDs nowadays and the occasional complete reprovisioning of an existing TLD, and one week is too long to go between updates.

> I've never trusted using a hints file... not for at least a decade,

I'm not sure how the hints file could fail, it's a pretty simple mechanism. But you're better off using hints (which go years between updates, and you only need one good server to get your cache primed anyway) OR AXFR, which will keep itself up to date automatically.

Doug

--
This .signature sanitized for your protection
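
Added example, not part of the original message: a Python check that reads the SOA timers from a local root.zone copy and classifies the copy's age by the refresh and expire rules a secondary using AXFR applies to its own data. The sample zone text, its serial and timer values, and the function names are constructed for illustration.

```python
import re
from datetime import datetime, timedelta, timezone

# Constructed sample: the top of a downloaded root.zone copy.
# Serial and timers are illustrative, not taken from the original message.
SAMPLE_ZONE = """\
.  86400  IN  SOA  a.root-servers.net. nstld.verisign-grs.com. (
        2007080200 ; serial
        1800       ; refresh
        900        ; retry
        604800     ; expire
        86400 )    ; minimum
.  518400 IN  NS   a.root-servers.net.
"""

# SOA <mname> <rname> [(] serial refresh retry expire minimum
SOA_RE = re.compile(
    r"\bSOA\s+\S+\s+\S+\s+\(?\s*(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s+(\d+)"
)


def parse_soa(zone_text):
    """Return the timers of the first SOA record in master-file zone text."""
    # Drop ';' comments so the five numbers are separated only by whitespace.
    text = "\n".join(line.split(";", 1)[0] for line in zone_text.splitlines())
    match = SOA_RE.search(text)
    if match is None:
        raise ValueError("no SOA record found")
    keys = ("serial", "refresh", "retry", "expire", "minimum")
    return dict(zip(keys, map(int, match.groups())))


def copy_status(soa, fetched_at, now):
    """Classify a static zone copy by the rules a secondary applies to itself."""
    age = now - fetched_at
    if age >= timedelta(seconds=soa["expire"]):
        return "expired"    # a secondary would have stopped serving this data
    if age >= timedelta(seconds=soa["refresh"]):
        return "unchecked"  # a secondary would have re-checked the serial by now
    return "fresh"


if __name__ == "__main__":
    soa = parse_soa(SAMPLE_ZONE)
    fetched = datetime(2007, 8, 2, tzinfo=timezone.utc)
    for days in (0, 3, 7):
        print(days, copy_status(soa, fetched, fetched + timedelta(days=days)))
```

With these sample timers, a copy refreshed by a weekly job spends almost the whole week in the "unchecked" state and reaches "expired" just as the next download is due.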