On 2012-10-03 12:55 AM, David Conrad wrote: > On Oct 2, 2012, at 5:49 PM, Vernon Schryver <[email protected]> wrote: >> The only reasonable solution is to give stub resolvers some of the >> features of recursive resolvers including DNSSEC validation and caching >> to make the costs of DNSSEC tolerable. > Why not get rid of stub resolvers completely and simply use recursive > resolvers?
there's an urban legend about how the authority servers depend on caching by intermediate recursives and that if every end system had its own recursive server on board the authorities would melt. the actual truth is that 98.9% of the traffic coming to the roots, and likely 90% of the traffic coming to authority servers overall, is dreck. for which they are amply overprovisioned. if we dilute that with more real traffic it might get the dreck percentage down to 80% but it wouldn't melt anything. paul _______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations dns-jobs mailing list https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
