North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: RFC 2870's applicability (Re: Deaggregating foremergency purposes)
- From: Brad Knowles
- Date: Wed Aug 07 17:42:04 2002
At 4:19 AM +0000 2002/08/07, Paul Vixie wrote:
I have since learned that there is an update to 2010 in the
works, which should be more acceptable to the root server operators.
As such, I will stop comparing the current state of the servers
RFC 2870 had a lot of cooks, and the end result is somewhat descriptive
of TLD servers but is anywhere from mildly to wildly wrong with respect
to the root servers.
They're welcome to run their own servers however they like.
However, if they want to arbitrarily cut off their networks from
"subversive" networks around the world, then I feel that they should
voluntarily give up their root nameservers because they are unable to
adhere to the spirit of the standards by which they are supposed to
be operating (whatever RFC or document you use as that standard).
There's no way to change this, really, and one of the ways to not change
it would be to write an RFC. USGov has its own way of doing things. I
don't expect anybody to tell them they have to give up their root servers
as a result. (Except maybe Karl or Jim, I guess.)
124 ip 188.8.131.52/0 0.0.0.0/0 209 12466
0 0 126
Nope, none of those are mine. I was primarily talking about the
other machines on the same network, and the other services that I
strongly suspect that some of the machines are running. Nmap scans
would have a good chance of turning up some results.
313 ip 184.108.40.206/0 0.0.0.0/0 321 18939
0 0 120
64 ip 220.127.116.11/0 0.0.0.0/0 157 9385
0 0 88
499 ip 18.104.22.168/0 0.0.0.0/0 141 8987
0 0 84
1011 ip 22.214.171.124/0 0.0.0.0/0 119 6854
0 0 84
203 ip 126.96.36.199/0 0.0.0.0/0 139 8865
2 129 81
916 ip 188.8.131.52/0 0.0.0.0/0 160 9344
2 120 80
408 ip 184.108.40.206/0 0.0.0.0/0 130 7800
0 0 67
188 ip 220.127.116.11/0 0.0.0.0/0 121 8712
0 0 64
Yeah, I think I read that paper. I understand, and now I fully
agree. The problem is that there are a dearth of good tools (like
queryperf) to help measure the jitter of the RTTs of low-rate DNS
Evi gave a *wonderful* talk at NANOG a year or so back in which
she explored the many bad flows seen on F. Anyone who runs
benchmarks against root servers would be a "bad flow". So it's
no wonder that your testing isn't complete :-).
I disagree. Certainly, Daniel Karrenberg has publicly disagreed
with this use of RFC 2870. Check the archives of the RIPE DNS
Allow me to present information to the contrary. I co-authored RFC
2010, but I had no part in RFC 2870 and in fact had not even read
it until well after it was published. I consider it inadequate and
inaccurate for root service, while nonetheless acknowledging its
applicability toward some ccTLD servers.
I was comparing the current state of affairs against the wrong
document. I await the publication of the right document.
Clearly, you're way ahead of yourself.
Brad Knowles, <email@example.com>
"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.
GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E W+++(--) N+ !w---
O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)