Re: [DNSOP] comments on draft-ietf-dnsop-resolver-priming-02

Chris Thompson <> Mon, 09 November 2009 21:26 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 4FF2F28C25B for <>; Mon, 9 Nov 2009 13:26:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.785
X-Spam-Status: No, score=-4.785 tagged_above=-999 required=5 tests=[AWL=1.814, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id YOBzHO+1mn8s for <>; Mon, 9 Nov 2009 13:26:44 -0800 (PST)
Received: from ( []) by (Postfix) with ESMTP id 3B4AE28C24D for <>; Mon, 9 Nov 2009 13:26:44 -0800 (PST)
X-Cam-AntiVirus: no malware found
X-Cam-SpamDetails: not scanned
Received: from ([]:41069) by ( []:25) with esmtpa (EXTERNAL:cet1) id 1N7blV-0006og-2u (Exim 4.70) for (return-path <>); Mon, 09 Nov 2009 21:27:09 +0000
Received: from prayer by ( with local (PRAYER:cet1) id 1N7blV-0000H7-Sc (Exim 4.67) for (return-path <>); Mon, 09 Nov 2009 21:27:09 +0000
Received: from [] by with HTTP (Prayer-1.3.2); 09 Nov 2009 21:27:09 +0000
Date: Mon, 09 Nov 2009 21:27:09 +0000
From: Chris Thompson <>
Message-ID: <>
In-Reply-To: <>
References: <>
X-Mailer: Prayer v1.3.2
Mime-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="ISO-8859-1"
Sender: Chris Thompson <>
Subject: Re: [DNSOP] comments on draft-ietf-dnsop-resolver-priming-02
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF DNSOP WG mailing list <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 09 Nov 2009 21:26:45 -0000

I think I would like to ask "what's special about priming anyway?".

As part of explaining how the DNS works, I tend to include something
along the following lines:

 Q. Why does the root "hint" zone not look like a real zone?
 A. Because it isn't a zone at all, it's a referral.
 Q. A referral? from where?
 A. It's the referral from Trantor[*] when asked about anything
    in this poxy little planet-bound Internet. See: the NS records
    are the Authority section of the referral, and the address
    records are the glue in the Additional section. (Because all
    the nameservers are on the same planet! Shocking...) We keep
    a local copy because the RTT to Trantor is inconveniently long,
    and the referral always looks the same anyway, apart from the
    Question section.

[*] Feel free to substitute the Galactic Centre of your choice.

The logic is: if you don't have any record of nameservers in your
cache superior to the name being queried for (because they have
been timed out, squeezed out for lack of memory, or you have just
started up), then invent the appropriate referral based on the
root "hints" and take it from there.

It seems to me that this is more or less how RFC1034 is saying
the SBELT structure should be used, except that we no longer think
it appropriate to have customised referrals-from-Trantor including
"two of the servers for the host's domain".

Now I am aware that this isn't exactly how nameservers are actually
programmed, and that they perform explicit priming rather than the
"lazy priming" implied above. But would it actually matter if they
did it that way? And maybe the right attitude towards explicit
priming ought to be "don't do it in a way that makes more queries
to the root servers than lazy priming would".

Chris Thompson               University of Cambridge Computing Service,
Email:    New Museums Site, Cambridge CB2 3QH,
Phone: +44 1223 334715       United Kingdom.