Lead Scientist Responds to Questions on Root Server Queries

← Back to Stories (view on slashdot.org)

Lead Scientist Responds to Questions on Root Server Queries

Posted by ryuzaki0 on Thursday February 27, 2003 @01:09PM from the anti-spam-measure-backlash dept.

cidtoday writes "A CircleID interview with the lead scientist whose study recently revealed that 98% of a main root server queries are unnecessary, reveals that spam has little to do with the issue. In fact, he provides two reasons why anti-spam tools cause more unnecessary queries to the root servers than spam emails. Many other questions previously raised by Slashdot readers on the study are also answered."

4 of 192 comments (clear)

Min score:

Reason:

Sort:

Spam E-mail with broken links... by $$$$$exyGal · 2003-02-27 13:20 · Score: 5, Interesting

spam emails floating around in people's inboxes, many of which contain broken links that cause bad DNS lookups
Here's a link that lists how some spammers attempt to hide their real identities. This isn't necessarily exactly what the root server query guy was talking about, or maybe it is? Either way, it is very enlightening. Some slashdotters even occasionally try to hide a goatse link this way.
--sex

--
Very popular slashdot journal for adul
Never mind the roots... by bourne · 2003-02-27 13:20 · Score: 5, Interesting

It's BB&N... er, GTEI... er, Genuity that's getting pounded. They provide caching DNS servers to the entire Internet at 4.2.2.1 (.2, ...) and because they're so easily memorizable, I've never met a sysadmin who didn't put them in a hosts' configuration in a pinch.
Why are they not blocking queries from the abusers by Jailbrekr · 2003-02-27 13:24 · Score: 4, Interesting

If they can identify and quantify eplicit networks or IP addresses causing the 'abuse', then why don't they send a warning and then block them? They'll fix the problem real quick.....

--
Feed the need: Digitaladdiction.net
So what? by Jordy · 2003-02-27 16:40 · Score: 4, Interesting

I don't understand why this is news or why it required any level of study.

The root servers handling zone '.' such as F.ROOT-SERVERS.NET put refresh periods of 48 hours on most every query. That means that at most once every 48 hours every name server on the planet should re-ask the root servers where to get answers for each of the gtlds, com, net, org, arpa, etc.

What they should receive the most queries for are domains that don't exist because everything else is cached for such a long period of time. That is the point of the root servers.

If the root servers are having trouble handling the query load then they should be upgraded for goodness sake. These are root servers after all and I think the global internet community could spare a few dollars to add some spare capacity if it is required.

To improve on this, BIND could up the maximum negative RR cache default time to live. Right now I believe it is set to 3 hours and the root servers use a 1 day SOA.MINIMUM instead, so BIND is always lowering it by default.

Of course, other nameservers are different. Some older versions of BIND by default only stored negative RR for 10 minutes.

--
The world is neither black nor white nor good nor evil, only many shades of CowboyNeal.