martin f krafft wrote: > Of course it works the other way, but if everyone out there hammered > the root-servers, then they'd have a huge problem. > > > (by root servers, i think you meant content servers, btw.) > > No, I meant the root-servers, i.e. the servers responsible for the > '.' zone.
i think you are mistaken. in practice, unbound (or bind or any other reasonably compliant full service DNS resolver / cache) only sends occasional queries to the root; running unbound in normal recursive full service mode doesn't "hammer" the roots. delegations and glue from the root zone have quite long TTLs (2 days). the only way you could see unbound "hammering" the roots would be if your clients looked up a large number of domain names under nonexistent TLDs. because query rcode 3 (name error / NXDOMAIN) only specifies the nonexistence of a domain name it cannot tell the querier about the nonexistence of a zone cut between that domain name and the root. -- Robert Edmonds edmo...@debian.org -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
