Internet Engineering Task Force                     Yasuhiro Morishita, JPRS
INTERNET-DRAFT                                                  Feb 23, 2003
Expires: Aug 23, 2003

           An Approach for Increasing Root And TLD DNS Servers
             draft-yasuhiro-dnsop-increasing-dns-server-00.txt

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that other
   groups may also distribute working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference material
   or to cite them other than as ``work in progress.''

   To view the list of Internet-Draft Shadow Directories, see
   http://www.ietf.org/shadow.html.

   Distribution of this memo is unlimited.

   The internet-draft will expire in 6 months. The date of expiration
   will be Aug 23, 2003.

Abstract

   Currently, it is thought that the maximum number of DNS server hosts
   for a zone is 13. In fact, the root zone and the .com/.net zones are
   each served by 13 servers. This draft proposes an approach for
   increasing the number of DNS server hosts without changing the DNS
   protocol, on a 'multiple addresses per host' basis. In particular,
   this approach is useful for adding IPv6 DNS servers for the root and
   TLD zones. It may also be useful for signing the root zone for DNSSEC.

1. Introduction

   Currently, it is thought that the maximum number of DNS server hosts
   for a zone is 13. For example, the .net zone has 13 DNS servers,
   known as a.gtld-servers.net, b.gtld-servers.net, ...,
   m.gtld-servers.net.

Morishita                Expires: Aug 23, 2003                  [Page 1]

DRAFT    An Approach for Increasing Root And TLD DNS Servers    Feb 2003

   This limitation comes from the maximum packet size of the DNS
   protocol.
   Currently, the DNS response to a query for the IPv4 address (A) of
   {maximum-name}.com is as follows:

   % dig -t ns 123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.com @a.root-servers.net

   ; <<>> DiG 9.3.0s20021115 <<>> -t a 123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.net @a.root-servers.net
   ;; global options:  printcmd
   ;; Got answer:
   ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54441
   ;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 13, ADDITIONAL: 1

   ;; QUESTION SECTION:
   ;123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.123456789.net. IN A

   ;; AUTHORITY SECTION:
   net.                    172800  IN      NS      A.GTLD-SERVERS.net.
   net.                    172800  IN      NS      G.GTLD-SERVERS.net.
   net.                    172800  IN      NS      H.GTLD-SERVERS.net.
   net.                    172800  IN      NS      C.GTLD-SERVERS.net.
   net.                    172800  IN      NS      I.GTLD-SERVERS.net.
   net.                    172800  IN      NS      B.GTLD-SERVERS.net.
   net.                    172800  IN      NS      D.GTLD-SERVERS.net.
   net.                    172800  IN      NS      L.GTLD-SERVERS.net.
   net.                    172800  IN      NS      F.GTLD-SERVERS.net.
   net.                    172800  IN      NS      J.GTLD-SERVERS.net.
   net.                    172800  IN      NS      K.GTLD-SERVERS.net.
   net.                    172800  IN      NS      E.GTLD-SERVERS.net.
   net.                    172800  IN      NS      M.GTLD-SERVERS.net.

   ;; ADDITIONAL SECTION:
   A.GTLD-SERVERS.net.     172800  IN      A       192.5.6.30

   ;; Query time: 78 msec
   ;; SERVER: 198.41.0.4#53(a.root-servers.net)
   ;; WHEN: Mon Feb 24 20:12:31 2003
   ;; MSG SIZE  rcvd: 508

   In this case, 13 NS records of the .net servers and 1 glue A record
   are returned, and the DNS packet size is 508 bytes.
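   The following Python script is an added example and is not part of
   the draft. It encodes referral responses in RFC 1035 wire format,
   including name compression, so the 508-byte figure from the dig output
   above can be reproduced rather than taken on faith, and it encodes the
   same query against the two-name .jp layout (v4.dns.jp with three A
   records, v6.dns.jp with three AAAA records) that the proposal in
   section 2 describes. The 512-byte ceiling is the classic DNS-over-UDP
   payload limit without EDNS0. The function names, the message id, and
   the 192.0.2.x / 2001:db8:: glue addresses are constructed for the
   example; they are not JPRS addresses or code.

```python
# Added example (not part of the draft): RFC 1035 wire-format encoder used to
# measure referral sizes. Names, message id and glue addresses are constructed.
import ipaddress
import struct

RRTYPE = {"A": 1, "NS": 2, "AAAA": 28}
CLASS_IN = 1
MAX_UDP_PAYLOAD = 512  # DNS over UDP without EDNS0 (RFC 1035)


def encode_name(name, out, table):
    """Append 'name' to bytearray 'out' in wire format.

    'table' maps every suffix already emitted (e.g. "GTLD-SERVERS.net") to
    its offset, so a later name can end in a 2-byte compression pointer
    (RFC 1035, section 4.1.4) instead of repeating those labels."""
    labels = [l for l in name.rstrip(".").split(".") if l]
    while labels:
        suffix = ".".join(labels)
        if suffix in table:
            out += struct.pack("!H", 0xC000 | table[suffix])
            return
        if len(out) < 0x4000:  # a pointer can only address 14 bits of offset
            table[suffix] = len(out)
        label = labels.pop(0).encode("ascii")
        out.append(len(label))
        out += label
    out.append(0)  # terminating root label


def ns_rdata(target):
    """RDATA builder for an NS record: the target name, compressible."""
    return lambda out, table: encode_name(target, out, table)


def addr_rdata(ip):
    """RDATA builder for an A or AAAA record: the packed address bytes."""
    packed = ipaddress.ip_address(ip).packed
    return lambda out, table: out.extend(packed)


def encode_rr(owner, rtype, ttl, rdata, out, table):
    """Append one resource record; RDLENGTH is patched in after the RDATA."""
    encode_name(owner, out, table)
    out += struct.pack("!HHI", RRTYPE[rtype], CLASS_IN, ttl)
    rdlength_at = len(out)
    out += b"\x00\x00"
    rdata(out, table)
    struct.pack_into("!H", out, rdlength_at, len(out) - rdlength_at - 2)


def build_referral(qname, qtype, authority, additional, msg_id=0x1234):
    """A referral: the question, NS records in AUTHORITY, glue in ADDITIONAL."""
    out = bytearray()
    table = {}
    # flags 0x8100: QR=1 (response), RD=1, matching "flags: qr rd" in dig.
    out += struct.pack("!HHHHHH", msg_id, 0x8100, 1, 0,
                       len(authority), len(additional))
    encode_name(qname, out, table)
    out += struct.pack("!HH", RRTYPE[qtype], CLASS_IN)
    for rr in authority + additional:
        encode_rr(*rr, out, table)
    return bytes(out)


# The 255-octet query name used in the dig session: 25 labels of "123456789".
MAX_NAME = ".".join(["123456789"] * 25)


def net_referral_size():
    """Reproduce the dig output: 13 .net NS records plus one glue A record."""
    authority = [("net", "NS", 172800, ns_rdata(f"{s}.GTLD-SERVERS.net"))
                 for s in "AGHCIBDLFJKEM"]
    additional = [("A.GTLD-SERVERS.net", "A", 172800, addr_rdata("192.5.6.30"))]
    return len(build_referral(MAX_NAME + ".net", "A", authority, additional))


def jp_proposal_size():
    """The draft's .jp layout: two NS names carrying 3 A + 3 AAAA glue records.
    Addresses are constructed documentation-range values."""
    authority = [("jp", "NS", 172800, ns_rdata("v4.dns.jp")),
                 ("jp", "NS", 172800, ns_rdata("v6.dns.jp"))]
    additional = (
        [("v4.dns.jp", "A", 172800, addr_rdata(f"192.0.2.{i}")) for i in (1, 2, 3)]
        + [("v6.dns.jp", "AAAA", 172800, addr_rdata(f"2001:db8::{i}")) for i in (1, 2, 3)]
    )
    return len(build_referral(MAX_NAME + ".jp", "A", authority, additional))


def fits_in_udp(size):
    """True when a message of 'size' bytes needs no truncation over plain UDP."""
    return size <= MAX_UDP_PAYLOAD


if __name__ == "__main__":
    for label, size in (("13 NS names, 1 glue A", net_referral_size()),
                        ("2 NS names, 3 A + 3 AAAA glue", jp_proposal_size())):
        print(f"{label}: {size} bytes, fits in 512-byte UDP: {fits_in_udp(size)}")
```

   The compression table is what makes the arithmetic work: the first
   NS record costs 29 bytes, but each of the other twelve ends in a
   pointer to "GTLD-SERVERS.net" and costs only 16 bytes, and with the
   maximum-length question name the message lands at 508 bytes, leaving
   no room for a fourteenth NS record or for any AAAA glue. Encoding the
   same query against the two-name layout with six glue addresses yields
   440 bytes, so an operator can use this kind of measurement to decide
   how many addresses a delegation can carry before the 512-byte UDP
   limit forces truncation and a TCP retry.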
   The result means the payload of the DNS packet is full, and we can't
   add any more DNS servers.

2. Proposal

   In this situation, one server has one IP address ('one-to-one
   basis'). But the DNS protocol allows two or more addresses per name.

   For example:

      example.jp.     IN A    xxx.xxx.xxx.xxx
                      IN A    yyy.yyy.yyy.yyy
                      IN A    zzz.zzz.zzz.zzz

   By applying this to the root and TLD zones, the size of the DNS
   response packet can be made smaller. Below is an example for the .jp
   zone; the name 'v4.dns.jp' has multiple addresses.

      jp.             IN NS   v4.dns.jp.

      v4.dns.jp.      IN A    aaa.aaa.aaa.aaa
                      IN A    bbb.bbb.bbb.bbb
                      IN A    ccc.ccc.ccc.ccc

   This approach can be used for adding IPv6 addresses to the root and
   TLD zones, as below.

      jp.             IN NS   v4.dns.jp.
                      IN NS   v6.dns.jp.

      v4.dns.jp.      IN A    aaa.aaa.aaa.aaa
                      IN A    bbb.bbb.bbb.bbb
                      IN A    ccc.ccc.ccc.ccc

      v6.dns.jp.      IN AAAA aaaa:bbbb:cccc:dddd:eeee:ffff:gggg:hhhh
                      IN AAAA iiii:jjjj:kkkk:llll:mmmm:nnnn:oooo:pppp
                      IN AAAA qqqq:rrrr:ssss:tttt:uuuu:vvvv:wwww:xxxx

   It may also be useful for DNSSEC signing.

3. Considerations

   The behavior of DNS resolvers in this situation needs to be
   considered.

   Some registries do not allow multiple IP addresses for DNS server
   hosts. In this case, the registry systems need to be modified.

4. Acknowledgements

   This work is funded by the Telecommunications Advancement
   Organization of Japan (TAO). The author would like to thank the
   members of the JPRS research and development department and system
   administration department for their important contribution to this
   work.

Author's addresses

   Yasuhiro Morishita
   Research and Development Department
   Japan Registry Service Co.,Ltd.
   Fuundo Bldg 3F, 1-2 Kanda-Ogawamachi
   Chiyoda-ku, Tokyo, 101-0052, Japan
   Tel: +81-3-5297-2571
   email: yasuhiro@jprs.co.jp