Re: Life after source quench

Charles Hedrick (
Fri, 13 Nov 87 17:36:44 EST

There can't really be two sets of root servers. The problem is that
when a server doesn't know the answer to a question, it generally
sends a response that refers the questioner to the root. Bind
processes such responses by adding all the data they give to its
cache, and then posing its question again. (The hope is that some of
the data just added will let it find the answer this time.) So if the
official root servers point to any other servers that even indirectly
ever refer us to a server that lists the bogus root servers in a
response, we will eventually end up with the bogus root servers in our
cache. Furthermore, the problem is contagious, because now we will
refer other people to talk to us to you as a root server. I don't
doubt that there are still bugs in our named (although I think it is
better than any of the released versions). But it doesn't dream up
name servers out of whole cloth. I believe you are seeing a
combination of a bug that causes unreasonably large rates of name
server requests, with the fact that somebody has referred us to you as
a root server. Thus you get caught in the crossfire between us and
the roots. Tonight I'm going to spend some more time inside named. I
have found a number of pieces of code in it already that are
non-functional. I suspect I'll find another one or two tonight.

(Definition: When I use the term "bogus root name server", I mean any
name server that claims to be a root name server, which is not listed
as one by SRI-NIC when we ask it who the root servers are.)

This archive was generated by hypermail 2.0b3 on Thu Mar 09 2000 - 14:39:55 GMT