[arin-announce] IN-ADDR.ARPA Zone Transfer Complete

• Previous message (by thread): [arin-announce] IN-ADDR.ARPA Zone Transfer Complete
• Next message (by thread): [arin-announce] IN-ADDR.ARPA Zone Transfer Complete
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 02/16/2011 14:23, Joe Abley wrote:
| Hi Doug,
|
| On 2011-02-16, at 16:30, Doug Barton wrote:
|
|> Relevant to another post today, I've noticed that neither the
*.ip6-servers.arpa nor the *.in-addr-servers.arpa allow axfr. Which
leads to the following questions:
|>
|> 1. Was that a conscious decision, and if so why?
|
| It's a question for the individual operators of the servers. I can
only speak for the particular servers that ICANN operates.
|
| ICANN operates B.IN-ADDR-SERVERS.ARPA and B.IP6-SERVERS.ARPA. As with
L-Root, we don't permit zone transfers from the servers themselves; our
goal with the nameservers themselves is to provide them with as much
headroom as possible for answering DNS queries, and it has never seemed
to us that also responding to AXFR is going to help with that.
|
| We do however support open zone transfers for the root zone, ARPA,
IN-ADDR.ARPA and IP6.ARPA from two locations for anybody who cares to
use them:
|
|    xfr.lax.dns.icann.org
|    xfr.cjr.dns.icann.org
|
| The availability of these servers for AXFR is documented
at<http://dns.icann.org/services/axfr/>.

Joe,

Thanks for clarifying. I almost included "is axfr available from any
other source?" as a 3rd question, but figured that would come out in the
wash. :)

This leads to 2 additional questions:

1. Is the zone available from those 2 locations "the same" as what's
available on the authoritative servers, or is there a lag time between
updates on the auth and the xfr servers?
2. Is there any objection to having those servers listed in publicly
available documentation on how to configure resolvers to slave the root
and related zones?


Thanks again,

Doug

- -- 

	Nothin' ever doesn't change, but nothin' changes much.
			-- OK Go

	Breadth of IT experience, and depth of knowledge in the DNS.
	Yours for the right price.  :)  http://SupersetSolutions.com/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (FreeBSD)

iQEcBAEBCAAGBQJNXFC4AAoJEFzGhvEaGryEDJsIAMPnaAEjXUJHJieA5YlsLL7U
iHaCdNAW4q9pBRao8syG9c6l1ZNTG/qZu2CfJ5sBfXfLuimiCvJ4qsfqBX3koc+/
n8EC7f9tEFYQuTQJOZQs3xoT8dYfFxBRn9OFYLRVnEzWXfNB0LpY1a+Q+wEjwU/M
U5/1k2ejDyhSSZGpc3VqrSpnQNu8/KAcJM3Ybt0eZE9oZoS7qE5oKmbJ7KuVPHug
mH/4PeNoLTtfL1kg+k663SafGbERtfCarZvSOIWbDKPl2YjJcXT9mhpCuPHV/Tkf
SHyvB9vcvhZS2PPvVOd/WpZxowG3PxLQJPdv2j/rB1HHu8/QT8KLxm60AivxYh8=
=go0l
-----END PGP SIGNATURE-----

• Previous message (by thread): [arin-announce] IN-ADDR.ARPA Zone Transfer Complete
• Next message (by thread): [arin-announce] IN-ADDR.ARPA Zone Transfer Complete
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]