[afnog] Decreasing Access Time to Root Servers DNS by Running One on Loopback
Mathias HOUNGBO
mathias at houngbo.net
Mon Dec 14 09:53:15 UTC 2015
I use a similar method on my laptop for a while; but I know it is not a
'nice solution'.
But when you have some ISPs who don't maintain their DNS resolvers, you
did not have much choice : use public DNS resolver or slave root DNS.
For example, in Bénin, we have copy of a root server on the Internet
exchange point (benin-ix.org.bj), but I believe there is only one ISP
that uses it!
Le 25/11/2015 23:38, Mathias HOUNGBO a écrit :
> FYI
>
> Some DNS recursive resolvers have longer-than-desired round-trip
> times to the closest DNS root server. Some DNS recursive resolver
> operators want to prevent snooping of requests sent to DNS root
> servers by third parties. Such resolvers can greatly decrease the
> round-trip time and prevent observation of requests by running a copy
> of the full root zone on a loopback address (such as 127.0.0.1).
> This document shows how to start and maintain such a copy of the root
> zone that does not pose a threat to other users of the DNS, at the
> cost of adding some operational fragility for the operator.
>
>
> https://tools.ietf.org/html/rfc7706
>
> Il n'y a pas de raccourci pour atteindre le développement.
> Open source is not limited to software and it is not limited to english either!
> Mefies toi de la médiocrité, c'est la moisissure de l'esprit
>
>
>
> _______________________________________________
> afnog mailing list
> https://www.afnog.org/mailman/listinfo/afnog
Il n'y a pas de raccourci pour atteindre le développement.
Open source is not limited to software and it is not limited to english either!
Mefies toi de la médiocrité, c'est la moisissure de l'esprit
--
My blog : Made in Bénin - http://mathias.houngbo.net
Charter President ONG IGBANet - http://www.igbanet.org/
(GDG Cotonou, WTM Cotonou, BJNOG, Cotonou LUG, Cotonou Wireless, CodeKid, Hackerspace Cotonou)
System and Network Administrator at BCEAO Bénin --- C.T.O & Co-Founder at STARSOFT INFORMATIQUE
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.afnog.org/pipermail/afnog/attachments/20151214/f7627892/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.afnog.org/pipermail/afnog/attachments/20151214/f7627892/attachment.sig>
More information about the afnog
mailing list