nanog mailing list archives

Re: WP: Attack On Internet Called Largest Ever


From: Sean Donelan <sean () donelan com>
Date: Tue, 22 Oct 2002 23:34:39 -0400 (EDT)


On Tue, 22 Oct 2002, batz wrote:
> The only useful recommendations I can think of to give to
> regular users would be to increase the TTL's on their zones
> to longer than a day if they are worried about root servers
> making their domains unresolvable, maybe expect occasional
> delays in name resolution when surfing the net, and to remind
> them to ensure their machines are locked down.

Last year I tried to explain to several people the most critical
part of DNS is the part closest to you.  The attention on the root
servers is distracting folks from where the problems actually are.  For
most users, their local caching infrastructure is more important.  Most
used names are likely to still be in the cache, assuming people aren't
using tiny-TTL load balancing.

DNS clients "need" to communicate with root servers infrequently.
CAIDA (http://www.caida.org/projects/dns-analysis/) data measurements
show an average (50th-percentile) DNS client contacts the root name
servers less than 8 times in a week.
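
The caching behaviour discussed in this message, as an added example that is not part of the original post: a toy model of one caching resolver looking up one name every minute for a week, counting root-server contacts and failed lookups around a root outage. The function name `simulate`, the 2-day delegation TTLs and the outage windows are assumptions made for the illustration.

```python
# Added illustration: toy model of a caching resolver, not a real DNS client.
TLD_NS_TTL = 172800    # assumption: 2-day TTL on the TLD delegation from the root
ZONE_NS_TTL = 172800   # assumption: 2-day TTL on the zone delegation from the TLD
WEEK = 7 * 86400

def simulate(rr_ttl, outage=None, interval=60, duration=WEEK):
    """Resolve one name every `interval` seconds; return (root_contacts, failures).

    rr_ttl is the TTL the zone owner puts on the record itself.
    outage is an optional (start, end) window in seconds during which the
    root servers do not answer. TLD and zone servers are assumed reachable.
    """
    expiry = {"tld": 0, "zone": 0, "rr": 0}    # cold cache at t=0
    root_contacts = failures = 0
    for now in range(0, duration, interval):
        if now < expiry["rr"]:
            continue                           # answered from the local cache
        if now >= expiry["zone"]:
            if now >= expiry["tld"]:
                if outage and outage[0] <= now < outage[1]:
                    failures += 1              # nothing cached and root is silent
                    continue
                root_contacts += 1             # referral fetched from a root server
                expiry["tld"] = now + TLD_NS_TTL
            expiry["zone"] = now + ZONE_NS_TTL # referral from the TLD server
        expiry["rr"] = now + rr_ttl            # answer from the zone's own server
    return root_contacts, failures

if __name__ == "__main__":
    scenarios = [
        ("5-minute TTL, no outage", 300, None),
        ("5-minute TTL, 1 h outage while delegations are cached", 300, (86400, 90000)),
        ("5-minute TTL, outage spanning delegation expiry", 300, (172000, 180000)),
        ("TTL longer than a day, same outage", 100000, (172000, 180000)),
    ]
    for label, ttl, window in scenarios:
        roots, failed = simulate(ttl, window)
        print(f"{label}: root contacts={roots}, failed lookups={failed}")
```
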
