Re: Update of RFC 2606 based on the recent ICANN changes ?

John Levine <> Mon, 07 July 2008 17:54 UTC

Date: Mon, 7 Jul 2008 13:54:05 -0400 (EDT)
From: John Levine <>
To: John C Klensin <>
Subject: Re: Update of RFC 2606 based on the recent ICANN changes ?

>> the junk. Conversely, if root server traffic is an issue,
>> getting networks to clean up their DNS traffic would be much
>> more effective than limiting the number of TLDs.

> While I find this interesting, I don't see much logical or statistical 
> justification for the belief that, if one increased (by a lot) the 
> number of TLDs, the amount of "invalid" traffic would remain roughly 
> constant, rather than increasing the multiplier.

As I recall from prior surveys, the invalid traffic is largely independent 
of valid domains, e.g., queries from RFC1918 space (4% of all traffic at 
one server), repeated queries for the same nonexistent name, dynamic rDNS 
updates from misconfigured Windows boxes, stuff like that.

> And, of course, two of the ways of having "networks [to] clean
> up their DNS traffic" depend on local caching of the root zone
> (see previous note) and filtering out root queries for
> implausible domains.  Both of those are facilitated by smaller
> root zones and impeded by very large ones.

Oh, I agree.  But I really don't think there's much point in worrying 
about root zones with millions of domains.  Nothing ICANN is likely to do 
would raise it above thousands, and a zone with a few thousand entries 
should be well within the capacity of any DNS server.

John Levine, Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, ex-Mayor
"More Wiener schnitzel, please", said Tom, revealingly.
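The kinds of invalid root traffic named in the message above (RFC1918 sources, repeated queries for the same nonexistent name, dynamic updates) and the quoted idea of filtering root queries for implausible domains, sketched as a classifier. This is an added example, not part of the original message; the record layout, the label names, the `KNOWN_TLDS` stand-in and the sample records are all assumptions constructed for illustration.

```python
import ipaddress
from collections import Counter

# Assumption: a tiny stand-in for the delegated TLD set. A resolver doing this
# for real would load the names from a locally cached copy of the root zone.
KNOWN_TLDS = {"com", "net", "org", "arpa", "uk", "de"}
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample records: (source address, opcode, query name).
SAMPLE = [
    ("192.0.2.10", "QUERY", "www.example.com."),
    ("10.1.2.3", "QUERY", "mail.example.org."),
    ("198.51.100.7", "QUERY", "printer.local."),
    ("198.51.100.7", "QUERY", "printer.local."),
    ("198.51.100.7", "QUERY", "PRINTER.local."),
    ("203.0.113.5", "UPDATE", "4.3.2.10.in-addr.arpa."),
    ("203.0.113.9", "QUERY", "host.corp."),
    ("192.0.2.44", "QUERY", "."),
]

def tld_of(qname):
    """Return the rightmost label, lowercased; '' for the root itself."""
    return qname.rstrip(".").lower().split(".")[-1]

def classify(records, known_tlds=KNOWN_TLDS):
    """Label each record with the first junk category it matches."""
    seen = Counter()  # (source, name) pairs already asked for a bad TLD
    labels = []
    for src, opcode, qname in records:
        addr = ipaddress.ip_address(src)
        tld = tld_of(qname)
        if any(addr in net for net in RFC1918):
            label = "rfc1918-source"       # reply can never be routed back
        elif opcode == "UPDATE":
            label = "dynamic-update"       # update sent to a root server
        elif tld and tld not in known_tlds:
            key = (src, qname.lower())     # DNS names compare case-insensitively
            seen[key] += 1
            label = "repeat-nonexistent" if seen[key] > 1 else "nonexistent-tld"
        else:
            label = "valid"
        labels.append(label)
    return labels

def summarize(records):
    """Count records per category."""
    return Counter(classify(records))
```

Queries labelled `nonexistent-tld` or `repeat-nonexistent` are the ones a local filter or cached root zone could answer without reaching a root server.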