On 20October2010Wednesday, at 14:06, David Conrad wrote:
> Bill,
>
> On Oct 20, 2010, at 1:58 PM, bill manning wrote:
>> right... but only rarely in the DNS world do edge nodes actually go hit
>> the authoritative sources. much/most of the time they hit a cache,
>> often
>> one run by a random third party.
>
> I would truly love to see the data you have that backs this up. Pointers?
> (Note that this is not rhetorical -- I'm doing some work right now in which
> this info would be quite helpful).
i can show the auth data I have, the (to me) data from large caches is
suggested in places like OARC and elsewhere that suggest caching is
a huge factor is the scaling of the DNS. I've been flogging the idea
that it would be an excellent idea to correlate data flows between
stub/cache/auth
servers and maybe have a couple of interested parties. if your doing
similar work, we should talk in a more restricted setting.
>
>> oh... leakage into the public DNS means that the root nameservers have
>> to be
>> over-provisioned by a couple orders of magnitude to deal with the crap
>> that should
>> be in private space but leaked out and can't be resolved.
>
> I thought the (vast) over-provisioning of the root servers was to cope with
> DDoS attacks.
this (leaking) is a DDoS... :)
-- bill
>
> Regards,
> -drc
>
_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf
