Running a Root Server Local to a Resolver
RFC 8806, “Running a Root Server Local to a Resolver”, is an Informational document published in June 2020 by W. Kumari and P. Hoffman. It obsoletes RFC 7706. The canonical text is published by the RFC Editor.
Abstract
Some DNS recursive resolvers have longer-than-desired round-trip times to the closest DNS root server; those resolvers may have difficulty getting responses from the root servers, such as during a network attack. Some DNS recursive resolver operators want to prevent snooping by third parties of requests sent to DNS root servers. In both cases, resolvers can greatly decrease the round-trip time and prevent observation of requests by serving a copy of the full root zone on the same server, such as on a loopback address or in the resolver software. This document shows how to start and maintain such a copy of the root zone that does not cause problems for other users of the DNS, at the cost of adding some operational fragility for the operator.
This document obsoletes RFC 7706.
What “Informational” means
Published for the general information of the community. It does not define an IETF standard and carries no standards-track status.
The canonical text of RFC 8806 is hosted at rfc-editor.org. Available in HTML, TXT, PDF, and XML.