> 1. Root servers SHOULD offer open AXFR over TCP* (perhaps updating RFC 7720).
It appears that Wes Hardaker <[email protected]> said: >Zone file over HTTP has a number of advantages, according at least the >views of a few people that I've talked with (and they should speak up >here). One obvious one is negotiated compression (mentioned in the >document) and potentially better global load balancing infrastructure. The advantage of AXFR is that DNS servers know how to use it to keep a copy of a zone up to date. The advantage of http is that we know how to use it to distribute files at scale -- that's a CDN. It is not obvious to me which will be more difficult to set up in the short run and maintain in the long run, create AXFR CDNs, or add features to DNS servers to fetch updated zones via http. (I realize that there are ways to fake the latter, but we want something that doesn't need a DNS expert to set up.) ICANN has two public AXFR servers at xfr.cjr.dns.icann.org and xfr.lax.dns.icann.org. How about asking them what their experience has been, how's the load, how hard is it to manage, how have they dealt with the sorts of attacks that people make on public servers. R's, John _______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
