[Yeti DNS Discuss] 答复: [rfc-editor at rfc-editor.org: BCP 209, RFC 8109 on Initializing a DNS Resolver with Priming Queries]

Davey Song(宋林健) ljsong at biigroup.cn
Thu Mar 16 09:23:36 UTC 2017


Thank for the information. 

I notice that the it suggests that resolver needs to issue direct queries
for A and AAAA RRsets for names which does not fit in the size of priming
response. In that case, it will loosen the hard limitation of 13 root.
Resolver can ask additional queries to get all information of root servers.

By the way, now I do not persist in adding more name server plus 13 as a
goal to expand the system, but rather introduce more DMs who can sign
different root zone with different set of root server (the number may be
equal or less than 13).  

Imaging that one day IANA (as KSK holder) can sign more than one DM(ZSK
holder). Each DM can sign a root zone individually (as Yeti does). These
root zones are almost identical expect for the apex records (NS , DNSKEY and
RRSIG).  It is a operational change other than a protocol change.  

Davey

-----邮件原件-----
发件人: discuss [mailto:discuss-bounces at lists.yeti-dns.org] 代表 Stephane
Bortzmeyer
发送时间: 2017年3月16日 16:47
收件人: discuss at lists.yeti-dns.org
主题: [Yeti DNS Discuss] [rfc-editor at rfc-editor.org: BCP 209, RFC 8109 on
Initializing a DNS Resolver with Priming Queries]

A very useful reading for all the people who manage either a root name
server or a resolver :-)

This process ("priming") is specially important for Yeti since its list of
root name servers changes much more often than the "official"
root. Most local lists of root name servers on Yeti resolvers are probably
outdated.







More information about the discuss mailing list