Re: Root Anycast

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



--On Tuesday, May 18, 2004 18:01:05 +0200 jfcm <info@xxxxxxxx> wrote:

> 1. first target: distribution of the root machines through a root server
> matrix and core network - 

Yes, this is already done. It works, even if it is not top-guided as you
envision.

> containing local root information to make it a
> need. Decrease of the pressure, risk containement, new data, new services.

This is unnecessary and prone to failure. 

> 2. second target : a user MITM providing "hardware, software and
> brainware firewalling". At root system level it means that the user is to
> cache his root system. 

Which part of the present caching resolve server does not provide this
service today? Aren't you reinventing the wheel here? 

> Private roots are not subject to DoS. They certainly permit to survive a
> few hours, days and even probably months. In adding all the root themes
> we can objectively consider today for ubiquist new services, plus a
> "first necessity" software kit and root, we are probably talking of an
> ASN.1 structure of less than 20 compacted K (comparable to anti-virus
> updates).

Private roots are subject to confusion, mis-directed micromanagement by
local admins, overly sensitive to local politics, split-vision of what must
by design be unified, and endless user frustration. I have tried this in a
large corporate network, and it was, even there with a clear chain of
command, a horrible mess. Never, ever again will I take anything like it
outside a lab (except to kill it).

> The figures I discussed in a previous memo, show that we could then come
> back to a "486DX2". However discussing of root server the way we consider
> them today would be quite meaningless.

You have a strong passion for doing something to fix the DNS system. I
suggest you channel this passion towards trying to fix all the b0rkened
clients (cf. the studies of root server load refered to earlier here)
before you try to impose breakage onto the well-functioning root server
system. 

-- 
Måns Nilsson                    MN1334-RIPE
http://vvv.besserwisser.org     +46 706 81 72 04

Attachment: pgp00437.pgp
Description: PGP signature


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]