DNSEXT Working Group                                        Levon Esibov
INTERNET-DRAFT                                               Stuart Kwan
Category: Best Current Practice                                Microsoft
February 22, 2001

       Dynamic DNS Update of the Top Level Domain and Root Zones

With an increasing number of implementations where the DNS client is
capable of performing dynamic DNS updates, an increase in the number of
the dynamic DNS updates sent to the servers hosting top level domain
zones has been observed. The purpose of this document is to recommend
DNS client configuration that prevents sending dynamic DNS updates for
the top level domain zones and root zones.

1.  Introduction

RFC 2136 [1] specifies Dynamic Updates in DNS, but does not
consider updates of the top level domain zones (e.g. "com", "edu", "ca",
"uk", etc.) and the root zone as a special case. Usually, requests to
perform dynamic updates of the top level domain zones and the root zone
are expected to fail because these zones (on the Internet) are
configured to prohibit any dynamic updates. The same is true for most
organizations' private internal DNS infrastructures. The unnecessary
load of the dynamic updates sent by DNS clients attempting dynamic
updates of these zones consumes the resources of the DNS servers
authoritative for these zones and consumes network bandwidth.

In this document, the key words "MAY", "MUST", "MUST NOT", "optional",
"recommended", "SHOULD", and "SHOULD NOT" are to be interpreted as
described in [2].

2.  Dynamic updates of the top level domain zones and root zones

To prevent dynamic DNS update requests to the top level domain zones and
root zone, it is recommended that DNS clients be configured by default
to suppress dynamic DNS updates of the top level domain zones and the
root zone.

To address the needs of the organizations using top level domain zones
and/or the root zone in their private internal DNS infrastructures, and
to allow dynamic updates of such zones, DNS clients MAY be configured to
allow dynamic DNS updates to be sent to the top level domain zones.
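
The default-suppress policy above, sketched as an added example (not part
of this draft and not any vendor's client code). It goes slightly beyond
the text by reading the zone name from the Zone section of an RFC 2136
UPDATE message; the function names and the allow_tld_updates switch are
hypothetical, and the sample messages are constructed.

```python
import struct

OPCODE_UPDATE = 5  # RFC 2136 UPDATE opcode


def zone_labels(msg: bytes) -> list[str]:
    """Return the labels of ZNAME from the Zone section of an UPDATE message."""
    if len(msg) < 12:
        raise ValueError("truncated DNS header")
    _id, flags, zocount, _pr, _up, _ad = struct.unpack("!6H", msg[:12])
    if (flags >> 11) & 0xF != OPCODE_UPDATE:
        raise ValueError("not a DNS UPDATE message")
    if zocount != 1:
        raise ValueError("UPDATE must carry exactly one zone")
    labels, pos = [], 12
    while True:
        if pos >= len(msg):
            raise ValueError("truncated ZNAME")
        length = msg[pos]
        pos += 1
        if length == 0:          # root label terminates the name
            break
        if length > 63:          # compression pointer or invalid length
            raise ValueError("compressed or invalid label in ZNAME")
        if pos + length > len(msg):
            raise ValueError("truncated ZNAME")
        labels.append(msg[pos:pos + length].decode("ascii").lower())
        pos += length
    return labels


def should_send_update(msg: bytes, allow_tld_updates: bool = False) -> bool:
    """Default: suppress updates whose zone is the root (0 labels) or a
    top level domain (1 label). allow_tld_updates is the hypothetical
    opt-in for private internal DNS infrastructures."""
    labels = zone_labels(msg)    # malformed messages raise in either mode
    return allow_tld_updates or len(labels) >= 2


def build_update(zone: str) -> bytes:
    """Constructed sample input: UPDATE header plus Zone section only."""
    header = struct.pack("!6H", 0x1234, OPCODE_UPDATE << 11, 1, 0, 0, 0)
    name = b"".join(bytes([len(l)]) + l.encode("ascii")
                    for l in zone.strip(".").split(".") if l)
    return header + name + b"\x00" + struct.pack("!2H", 6, 1)  # SOA, IN
```
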

3.  IANA Considerations

IANA's consideration is not required.

4.  Security Considerations

This draft does not introduce any additional security concerns.

5.  Acknowledgements

The authors would like to thank Aristotle Balogh and Mark Kosters for
bringing to our attention the rising volume of dynamic update
requests sent to the top level domain zones. We would also like to thank
Michael Cretzman for review of this document.

6.  Authors' Addresses

Levon Esibov
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052


Stuart Kwan
Microsoft Corporation
One Microsoft Way
Redmond, WA 98052


7.  References

[1]  Vixie, P., Thomson, S., Rekhter, Y., Bound, J., "Dynamic Updates
     in the Domain Name System (DNS UPDATE)", RFC 2136, April 1997.

[2]  Bradner, S., "Key words for use in RFCs to Indicate Requirement
     Levels", BCP 14, RFC 2119, March 1997.

