From: Mark Kirkwood
Date: Thu, 02 Aug 2007 19:12:40 +1200
To: freebsd-stable@freebsd.org, freebsd-current@freebsd.org
Cc: dougb@FreeBSD.org
Subject: Re: default dns config change causing major poolpah
Message-id: <46B183E8.1060604@paradise.net.nz>
In-reply-to: <46B17F0F.20108@isc.org>

Peter Losher wrote:
>
> One of the other objections I have with this change (other than the fact
> that it was made w/o consultation) is the fact that this would become
> the "default" setting. Yes, busy mail servers may be better served by
> slaving frequently used zones, and as Vixie mentioned on the
> dns-operations list, there is less objection if "wizards" use AXFR, and
> they would perhaps know more of the pitfalls that doing this entails
> (vs. relying on hints).
>
> But the fact is this is being enabled for every Tom, Dick, and Sarah
> operating an OS who won't know what the possible ramifications are of
> this change, and the benefit compared to the downside is nonexistent.
> And that is *BAD, BAD, BAD*. Has this change been raised on the
> relevant IETF DNS operations list? These are the defaults we are
> talking about here.
>

On the ramifications - I run named purely as a caching resolver (my
ISP's DNS servers are pathetically slow)... and I was somewhat surprised
to discover that I'm *now* slaving zones from the root servers - it's
not that I'm especially stupid (I hope...), but rather that I set this
up before this change came into effect and didn't notice it during
(presumably) mergemaster.

The thing that concerns me now is this: are there many folks in a
similar situation, are we gonna be unwittingly hammering these root
servers?

regards

Mark
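
A check for the situation described in the message above, as an added example that is not part of the original post or of FreeBSD's tooling: it scans named.conf text for zones configured as slaves and reports whether the root zone is among them. The sample configuration, its file paths and the 192.0.2.x master addresses are constructed placeholders, and the comment stripping assumes no `//` or `#` inside quoted strings.

```python
import re

# Constructed sample named.conf fragment (not FreeBSD's shipped file);
# the master addresses are documentation placeholders.
SAMPLE_CONF = '''
options { directory "/etc/namedb"; };
// zone "." { type hint; file "named.root"; };   hints entry, commented out
zone "." {
    type slave;
    file "slave/root.slave";
    masters { 192.0.2.1; 192.0.2.2; };
};
zone "arpa" { type slave; file "slave/arpa.slave"; masters { 192.0.2.1; }; };
zone "example.org" { type master; file "master/example.org"; };
/* zone "in-addr.arpa" { type slave; masters { 192.0.2.1; }; }; */
'''

ZONE_RE = re.compile(r'\bzone\s+"([^"]*)"\s*(?:\w+\s*)?\{')

def strip_comments(text):
    """Drop /* */, // and # comments so disabled zone statements are ignored."""
    text = re.sub(r'/\*.*?\*/', '', text, flags=re.S)
    return re.sub(r'(//|#)[^\n]*', '', text)

def zone_blocks(text):
    """Yield (name, body) for each zone statement, matching nested braces."""
    for m in ZONE_RE.finditer(text):
        depth, i = 1, m.end()
        while i < len(text) and depth:
            depth += {'{': 1, '}': -1}.get(text[i], 0)
            i += 1
        yield m.group(1), text[m.end():i - 1]

def transferred_zones(conf):
    """Return {zone: [masters]} for zones that are fetched by zone transfer."""
    found = {}
    for name, body in zone_blocks(strip_comments(conf)):
        if not re.search(r'\btype\s+(slave|secondary)\s*;', body):
            continue
        m = re.search(r'\b(?:masters|primaries)\b[^{]*\{([^}]*)\}', body)
        found[name] = [a.strip() for a in m.group(1).split(';') if a.strip()] if m else []
    return found

def slaves_root(conf):
    """True when the root zone "." is slaved rather than served from hints."""
    return '.' in transferred_zones(conf)

if __name__ == '__main__':
    for zone, masters in transferred_zones(SAMPLE_CONF).items():
        print(f'slave zone {zone!r} transfers from {masters}')
    print('root zone slaved:', slaves_root(SAMPLE_CONF))
```

Running it against the live configuration after a mergemaster pass shows whether the resolver still relies on hints or has picked up slave entries.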