[LINK] alternative DNS root clients
kim at holburn.net
Sun Mar 18 14:37:15 EST 2012
On 2012/Mar/18, at 12:17 PM, Scott Howard wrote:
> On Sat, Mar 17, 2012 at 5:52 PM, Kim Holburn <kim at holburn.net> wrote:
>> DNS clients don't seem to handle more than one DNS server very well.
> Then you should complain to whoever is writing the "clients" (or more
> specifically the clients resolver). Certainly in my experience most DNS
> 'clients' do seem to get it right.
> A worthwhile resolver will remember that a specific server is unavailable,
> and will be only attempt to re-use it periodically, or not at all -
> presuming of course that it's got alternatives.
> I've just confirmed that this definitely occurs for me with Windows 7 and
> both Firefox and IE. I configured 2 DNS servers - one that does not
> respond, and a second that does. The very first request I did was slow -
> maybe 5+ seconds - before it failed over to the second DNS server and
> started working. However every subsequent request has been fast, and from
> watching the network traffic I can see that it is only querying the
> second/alive server.
>> Opennic's servers serve normal ICANN TLDs as well as opennic TLDs, but why
>> shouldn't this happen at the client level? Why can't you specify several
>> root domains?
> Because the entire concept of alternative root servers is fundamentally
> flawed and would fragment the Internet in ways that would do nothing but
> cause pain. Thankfully the people that write DNS clients know this, and
> thus have not implemented features that would allow this to happen.
> If you really want to drink the OpenNIC cool-aid (or that of any other
> alternative-TLD, because there are several - often conflicting - of them
> out there) then you can simply point at their root DNS servers, as they
> always also serve up domains for the "real" TLD's, so you can still query
> .com domains, etc. Well, until your newly chosen alternate root server
> decides that they don't like the existing .COM and wants to come up with
> their own...
I've never really liked the idea of alternative TLDs but what do we have now? With our current system the US government can confiscate domain names with no due process? How is that not broken?
IT Network & Security Consultant
T: +61 2 61402408 M: +61 404072753
mailto:kim at holburn.net aim://kimholburn
skype://kholburn - PGP Public Key on request
More information about the Link