On Fri, Jun 2, 2023 at 10:20 AM Chris Adams <[email protected]> wrote:
> Once upon a time, Dave Knight <[email protected]> said: > > Aiui BIND9 uses the root.hints just once on receipt of the first query > when starting with an empty cache, whereupon it will use the hints to find > a root server to do a priming query, replacing the hints with the result of > that. > > It's been a long while since I looked - how is that done? Do the > resolvers query multiple servers from their hints (and somehow resolve > differences), or do they just pick one at random and accept the results? That could be very implementation specific. IIRC, unbound would pick a working one from the root.hints and prime its list from there. > > > It seems like maybe if they'd query multiple and take a majority opinion > of the results, the potential damage of hijacking of an old IP would be > minimized. > -- > Chris Adams <[email protected]> > _______________________________________________ > dns-operations mailing list > [email protected] > https://lists.dns-oarc.net/mailman/listinfo/dns-operations >
_______________________________________________ dns-operations mailing list [email protected] https://lists.dns-oarc.net/mailman/listinfo/dns-operations
