-
Blogs
-
News
-
Industry
-
Community
-
Topics
The .net Top Level Domain (TLD) contains the names of the main group of DNS root servers as well as the names of the servers for several other large TLDs, such as .com, .org, .arpa and .mil.
Most of the focus about the .net redelegation has concerned the quality of the registration systems. But that is a minor matter next to the quality of the name server operation. If registration problems occur then the only people affected are those who are engaged in obtaining or transferring a name. But if the name servers go awry then the entire net will be strongly affected.
Because .net contains the name servers for so many other TLDs, any weakness in the .net servers could sweep across the net like a tsunami.
Perhaps part of the .net redelegation should include an effort to reduce the dependency of other TLDs on .net. Perhaps the name servers for other TLDs should be moved out of .net
Yes, this will have an impact on the effectiveness of DNS name compression. But should we not be trying to reduce the cross-dependencies in DNS and protect against cascading net failures and reduce the interdependencies that could hinder recovery from any major failure?
---
Originally published on CaveBear Weblog.
By Karl Auerbach, Chief Technical Officer at InterWorking Labs. Visit the blog maintained by Karl Auerbach here.
Related topics: DNS, Registry Services, Top-Level Domains
To post comments, please login or create an account.
DNSSECSponsored byAfilias | |
SecuritySponsored byVerisign | |
Top-Level DomainsSponsored byMinds + Machines | |
DNSSponsored byNeustar UltraDNS | |
MobileSponsored bydotMobi |
I have always suggested that anyone setting up a domain use name servers "in bailiwick". I think this advice should apply to all top level domains. Thus the name servers for .net should be in .net, the name servers for .com should be in .com (not in .net as they are now), and likewise for all GTLDs and CCTLDs. That leaves the root servers themselves. So how would DNS compression be affected if for a given TLD, every name server listed is in that TLD, and for a domain in that TLD, every name server is at least in that TLD, or better yet, in that domain name itself? Why would it not be very compact?
And what about the root servers? They are in the .net TLD now. I don't know how that would affect their operation if .net went down for some reason. Since they are pre-loaded as hints, I would think they would still resolve. But would it be possible to somehow poison .root-servers.net by means of control of .net?
It shouldn't be possible to poison the root through control of .net because the root servers themselves give authoritative answers adequate to resolve themselves without reference to the .net authority.
I am probably not expert enough in all behaviors of all resolvers to say with certainty, but I think the roots could and probably should answer that way for all of the TLD's authorities.