From: Paul Hoffman <paul.hoff...@vpnc.org> Subject: Re: [DNSOP] draft-ietf-dnsop-root-loopback-01 Date: Wed, 25 Mar 2015 10:39:29 -0500
> On Mar 25, 2015, at 12:19 AM, k...@wide.ad.jp wrote: >> In Appendix B, most of the IP addresses of the root DNS servers are >> anycasted. They are not suitable for the target to pull the zone data >> in AXFR over TCP. > > I still disagree with the statement that these are "not suitable", given that > they work fine almost all the time. Proposed addition to alleviate your > concern: > > AXFR transfer over TCP to addresses that are likely to be anycast (as > the the ones > above are) may have transfer problems different than AXFR over UDP. > > --Paul Hoffman Thanks, Paul. As George suggested, when one AXFR trial fails due to route flaps, it will try another, and I understand that a single transient TCP failure may not be a serious problem. I am happy with the proposed text addition at this moment. If I happen to have data, I will write again. -- Akira Kato P.S. As the root zone is signed by NSEC rather than NSEC3, zone enumaration over UDP is possible :-) _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
