IETF Logo Mail Archive

Re: [DNSOP] reducing the crap going to the root

Burkov Dmitry <dvburk@gmail.com> Sun, 18 December 2016 15:46 UTC

Return-Path: <dvburk@gmail.com>
X-Original-To: dnsop@ietfa.amsl.com
Delivered-To: dnsop@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BDE831294DA for <dnsop@ietfa.amsl.com>; Sun, 18 Dec 2016 07:46:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.333
X-Spam-Level:
X-Spam-Status: No, score=-0.333 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FREEMAIL_FROM=0.001, NML_ADSP_CUSTOM_MED=0.9, SPF_SOFTFAIL=0.665] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Z11WTiSoFHVY for <dnsop@ietfa.amsl.com>; Sun, 18 Dec 2016 07:46:51 -0800 (PST)
Received: from smtp1.faitid.org (smtp1.faitid.org [176.121.17.92]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id DBFF11293DA for <dnsop@ietf.org>; Sun, 18 Dec 2016 07:46:50 -0800 (PST)
Received: from [213.87.147.98] (port=54604 helo=[192.168.1.41]) by smtp.faitid.org (FAITID) with esmtpsa (TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256) id 1cIdfi-0007Xz-N4; Sun, 18 Dec 2016 18:46:46 +0300
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 10.1 \(3251\))
From: Burkov Dmitry <dvburk@gmail.com>
In-Reply-To: <FB447501-FC7D-4484-9DE2-BC7A59EEBFEB@rfc1035.com>
Date: Sun, 18 Dec 2016 18:46:40 +0300
Content-Transfer-Encoding: quoted-printable
Message-Id: <0B8372E7-D332-48B4-AD8A-CA4C2FEA2A5E@gmail.com>
References: <20161214220428.1688.qmail@ary.lan> <9EC2695D-5CC5-479F-9998-27810608E71E@fugue.com> <CAH1iCioPZiO78j478BV7t=pTN9LZXQbweeBZQF2w3O1gKwx3XA@mail.gmail.com> <20161215011803.A2B705CE7CAA@rock.dv.isc.org> <CAH1iCir6R=DG+RM1BoMn1s31x3ZoN4bHLO7dWdVL-yCD3u3R0A@mail.gmail.com> <CAPt1N1=Mw=LSQ+dwFX2MFKTzSHMzWKAMLrW9fQPaAggMb+GJ-A@mail.gmail.com> <CAH1iCirFZtCWVkMqFp8Fb=wJLzmBNb2k5PfxKBRNUtgVR7cMXA@mail.gmail.com> <CAPt1N1nHmrRwAGGJCTwD=PhW1w=QHHSnvi1D3GN4kNxHSgapEA@mail.gmail.com> <20161215041912.32A8F5CE9152@rock.dv.isc.org> <CAPt1N1mwoGDuc8fn7mFd0R3cx_xQLBM3H=ye9L+ceE6kvUo-mQ@mail.gmail.com> <4195DBA6-6EAE-45CE-AD61-9236C62124D0@google.com> <alpine.OSX.2.11.1612151555520.6844@ary.local> <CAPt1N1mWLw-thMrVvztdSDkPp6zW8ptick4ZnDKUatBf44QfiA@mail.gmail.com> <49A7DCF7-9FEC-4572-BE88-D90B415F330A@virtualized.org> <BE8D68C9-3E7D-459C-AA9B-855B43A53CC5@fl1ger.de> <FB447501-FC7D-4484-9DE2-BC7A59EEBFEB@rfc1035.com>
To: Jim Reid <jim@rfc1035.com>
X-Mailer: Apple Mail (2.3251)
Archived-At: <https://mailarchive.ietf.org/arch/msg/dnsop/eYJljlUE3QhDGNptpJyz98AtVSo>
Cc: IETF dnsop WG <dnsop@ietf.org>, Ralf Weber <dns@fl1ger.de>
Subject: Re: [DNSOP] reducing the crap going to the root
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dnsop/>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 18 Dec 2016 15:46:53 -0000

Jim,
but you raise for me another question - if 90% will be served by google,etc - what the real value and role of the roots?

Dima
> On Dec 18, 2016, at 6:32 PM, Jim Reid <jim@rfc1035.com> wrote:
> 
> 
>> On 18 Dec 2016, at 15:11, Ralf Weber <dns@fl1ger.de> wrote:
>> 
>> There are other ways of reducing the crap to the root servers (RFC 7706). I don't think NSEC Agressive use will reduce crap a lot as if I remember correctly from Geoff Houstons last presentation still around 80% of the resolver don't use DNSSEC and thus even can't implement NSEC Aggressive use.
> 
> First, apologies for a meaningful and relevant Subject: header. :-)
> 
> Ralf, it’s not a question of how many resolving servers do and don’t use DNSSEC. It’s a question of how many clients that are behind them.
> 
> ISTR Geoff saying that quite a large proportion of the Internet relies on google’s or Comcast’s resolving servers. So if they were to deploy NSEC Aggressive Use, it should significantly reduce the crap query traffic going to the root.
> 
> That said, it would be good to get some data on this or model it somehow, say by using the DITL datasets. Any volunteers?
> 
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop

v2.23.0 | Report a Bug | By Email