Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: RFC 2870's applicability (Re: Deaggregating foremergency purposes)

  • From: Brad Knowles
  • Date: Wed Aug 07 17:42:04 2002

At 4:19 AM +0000 2002/08/07, Paul Vixie wrote:

 RFC 2870 had a lot of cooks, and the end result is somewhat descriptive
 of TLD servers but is anywhere from mildly to wildly wrong with respect
 to the root servers.
I have since learned that there is an update to 2010 in the works, which should be more acceptable to the root server operators. As such, I will stop comparing the current state of the servers against 2870.

 There's no way to change this, really, and one of the ways to not change
 it would be to write an RFC.  USGov has its own way of doing things.  I
 don't expect anybody to tell them they have to give up their root servers
 as a result.  (Except maybe Karl or Jim, I guess.)
They're welcome to run their own servers however they like. However, if they want to arbitrarily cut off their networks from "subversive" networks around the world, then I feel that they should voluntarily give up their root nameservers because they are unable to adhere to the spirit of the standards by which they are supposed to be operating (whatever RFC or document you use as that standard).

124 ip 209 12466 0 0 126
313 ip 321 18939 0 0 120
64 ip 157 9385 0 0 88
499 ip 141 8987 0 0 84
1011 ip 119 6854 0 0 84
203 ip 139 8865 2 129 81
916 ip 160 9344 2 120 80
408 ip 130 7800 0 0 67
188 ip 121 8712 0 0 64
Nope, none of those are mine. I was primarily talking about the other machines on the same network, and the other services that I strongly suspect that some of the machines are running. Nmap scans would have a good chance of turning up some results.

 Evi gave a *wonderful* talk at NANOG a year or so back in which
 she explored the many bad flows seen on F.  Anyone who runs
 benchmarks against root servers would be a "bad flow".  So it's
 no wonder that your testing isn't complete :-).
Yeah, I think I read that paper. I understand, and now I fully agree. The problem is that there are a dearth of good tools (like queryperf) to help measure the jitter of the RTTs of low-rate DNS queries.

 Allow me to present information to the contrary.  I co-authored RFC
 2010, but I had no part in RFC 2870 and in fact had not even read
 it until well after it was published.  I consider it inadequate and
 inaccurate for root service, while nonetheless acknowledging its
 applicability toward some ccTLD servers.
I disagree. Certainly, Daniel Karrenberg has publicly disagreed with this use of RFC 2870. Check the archives of the RIPE DNS Working Group.

 Clearly, you're way ahead of yourself.
I was comparing the current state of affairs against the wrong document. I await the publication of the right document.

Brad Knowles, <>

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."
-Benjamin Franklin, Historical Review of Pennsylvania.

GCS/IT d+(-) s:+(++)>: a C++(+++)$ UMBSHI++++$ P+>++ L+ !E W+++(--) N+ !w---
O- M++ V PS++(+++) PE- Y+(++) PGP>+++ t+(+++) 5++(+++) X++(+++) R+(+++)
tv+(+++) b+(++++) DI+(++++) D+(++) G+(++++) e++>++++ h--- r---(+++)* z(+++)

Discussion Communities

About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home

Merit Network, Inc.