North American Network Operators Group
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: RFC 2870's applicability (Re: Deaggregating foremergency purposes)
- From: Brad Knowles
- Date: Wed Aug 07 17:42:04 2002
At 4:19 AM +0000 2002/08/07, Paul Vixie wrote:
RFC 2870 had a lot of cooks, and the end result is somewhat descriptive
of TLD servers but is anywhere from mildly to wildly wrong with respect
to the root servers.
I have since learned that there is an update to 2010 in the
works, which should be more acceptable to the root server operators.
As such, I will stop comparing the current state of the servers
against 2870.
There's no way to change this, really, and one of the ways to not change
it would be to write an RFC. USGov has its own way of doing things. I
don't expect anybody to tell them they have to give up their root servers
as a result. (Except maybe Karl or Jim, I guess.)
They're welcome to run their own servers however they like.
However, if they want to arbitrarily cut off their networks from
"subversive" networks around the world, then I feel that they should
voluntarily give up their root nameservers because they are unable to
adhere to the spirit of the standards by which they are supposed to
be operating (whatever RFC or document you use as that standard).
124 ip 210.220.163.80/0 0.0.0.0/0 209 12466
0 0 126
313 ip 216.127.34.163/0 0.0.0.0/0 321 18939
0 0 120
64 ip 210.220.163.78/0 0.0.0.0/0 157 9385
0 0 88
499 ip 209.67.50.88/0 0.0.0.0/0 141 8987
0 0 84
1011 ip 144.137.113.189/0 0.0.0.0/0 119 6854
0 0 84
203 ip 216.175.216.50/0 0.0.0.0/0 139 8865
2 129 81
916 ip 209.150.65.1/0 0.0.0.0/0 160 9344
2 120 80
408 ip 218.44.147.218/0 0.0.0.0/0 130 7800
0 0 67
188 ip 65.192.24.190/0 0.0.0.0/0 121 8712
0 0 64
Nope, none of those are mine. I was primarily talking about the
other machines on the same network, and the other services that I
strongly suspect that some of the machines are running. Nmap scans
would have a good chance of turning up some results.
Evi gave a *wonderful* talk at NANOG a year or so back in which
she explored the many bad flows seen on F. Anyone who runs
benchmarks against root servers would be a "bad flow". So it's
no wonder that your testing isn't complete :-).
Yeah, I think I read that paper. I understand, and now I fully
agree. The problem is that there are a dearth of good tools (like
queryperf) to help measure the jitter of the RTTs of low-rate DNS
queries.
Allow me to present information to the contrary. I co-authored RFC
2010, but I had no part in RFC 2870 and in fact had not even read
it until well after it was published. I consider it inadequate and
inaccurate for root service, while nonetheless acknowledging its
applicability toward some ccTLD servers.
I disagree. Certainly, Daniel Karrenberg has publicly disagreed
with this use of RFC 2870. Check the archives of the RIPE DNS
Working Group.
Clearly, you're way ahead of yourself.
I was comparing the current state of affairs against the wrong
document. I await the publication of the right document.
--
Brad Knowles, <brad.knowles@skynet.be>
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.
GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E W+++(--) N+ !w---
O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)
|
