Faster Updates for DNS Root Servers Arrive

Tee Emm writes "VeriSign's DNS Rapid Update notice period (as announced on NANOG mailing list) expires today. Beginning September 9, 2004 the SOA records of the .com and .net zones will be updated every 5 minutes instead of twice a day. The format of the serial number is also changing from the current YYYYMMDDNN to a new one that depicts the UTC time." We first mentioned this back in July, but it's finally launching now.

dynamic dns

So when will they be added support for dynamic IP addresses a la dyndns etc. That would be great.

Re:dynamic dns

[BenFranske]

That solution is not really as nice as DynDNS. I for one would really like to see a piece of OSS that lets you operate using the (documented) DynDNS protocol so that the standard update scripts widely availible for that would work. Running a nameserver on a system that doesn't require one seems counterproductive. Plus, you could use existing software to keep Windows boxes up to date as well. The DynDNS update protocol is availible here

For all registrars, or just some?

[two-tail]

I remember hearing about this, but I don't remember exactly: Is this available to all registrars, or is there something that needed to be done on their end to get their updates in quickly?

Re:For all registrars, or just some?

[WhiteDeath]

AFAIK the serial number has only ever been in the format of YYYYMMDDNN as a reccomendation. There is nothing in the spec preventing you from numbering versions from 1.

Changing to a UTC timestamp in seconds is no big issue, but for conformity, it's nice if everyone does the same thing, or at least knows what everyone else is doing, especially if you have some software trying to make sense of it all.

Root Servers...

[jmcmunn]

So I don't exactly get it, but is this just the root servers that are going to be updating every five minutes? I read the links, but it still doesn't seem clear to me. I mean, if my registrar (or dns service or whatever) still only send in their updates once every day, this won't really help me as much right?

Of course, once they do send it in I will still get it updated an average of 6 hours faster I guess. Just curious, since the details were a little vague to us non-dns folks.

Speed up attacks?

[two-tail]

Would this make it easier to slip false transfers through whatever nets may exist to catch them (as in this news byte)? I guess false transfers such as this would be noticed by the public at large sooner, so that's not too bad.

increase of (mostly useless) traffic exptected?

how about all those bazillion other nameservers, that would always reask for data every 5 minutes, as the dns records expire much more frequently now.

is verisign and the other dns-rootservers able to cope with the load, or the internet in general?

International Date Format

[Compact+Dick]

It's about time the switch was made -- here's why ISO 6601 is the way to go.

Re:2038 fun

[gclef]

They just said they were encoding the serial number as the seconds since epoch. They never said anywhere how many *bits* they're using to measure that. In fact, since the serial number is a free-form text field, there's not really any way to overflow that. The epoch overflow shouldn't affect this.

Hell Yeah!

[CptTripps]

This is something that should have been taken care of YEARS ago. It'll make it a LOT easier to switch people over to new servers/change IP addresses and such.

Can't wait to go......switch some IP addresses.... ::: not neerly as exciting when you type it out like that :::