Sorry for most of the following comments on draft-ietf-dnsop-root-loopback-01 applicable to its appendices.
It is better to describe that the update of the zone can be delayed a little bit as no NOTIFY message is sent to the root-on-loopback. In Appendix A, the root servers listed allow AXFR currently, but I am afraid they don't guarantee it in the future. It may be necessary to confirm it with the operator of each root server listed. In Appendix B, most of the IP addresses of the root DNS servers are anycasted. They are not suitable for the target to pull the zone data in AXFR over TCP. Also it must be noted that these addresses may change over time (while the frequency is not high), it may need to give a warning to periodically check if the addresses are valid. Generating the configuration after priming query? (this is a joke) IMHO, it may necessary to establish an infrastructure to distribute root zone in scalable/reliable manner. -- Akira Kato _______________________________________________ DNSOP mailing list [email protected] https://www.ietf.org/mailman/listinfo/dnsop
