{"draft":"draft-ietf-dnsop-7706bis-12","doc_id":"RFC8806","title":"Running a Root Server Local to a Resolver","authors":["W. Kumari","P. Hoffman"],"format":["HTML","TEXT","PDF","XML"],"page_count":"12","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"Domain Name System Operations","abstract":"Some DNS recursive resolvers have longer-than-desired round-trip\r\ntimes to the closest DNS root server; those resolvers may have\r\ndifficulty getting responses from the root servers, such as during a\r\nnetwork attack. Some DNS recursive resolver operators want to prevent\r\nsnooping by third parties of requests sent to DNS root servers. In\r\nboth cases, resolvers can greatly decrease the round-trip time and\r\nprevent observation of requests by serving a copy of the full root\r\nzone on the same server, such as on a loopback address or in the\r\nresolver software. This document shows how to start and maintain such\r\na copy of the root zone that does not cause problems for other users\r\nof the DNS, at the cost of adding some operational fragility for the\r\noperator.\r\n\r\nThis document obsoletes RFC 7706.","pub_date":"June 2020","keywords":["DNS","local-root"],"obsoletes":["RFC7706"],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC8806","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc8806"}