80 likes | 199 Views
Update on Root Servers Proposal. First of all, a Disclaimer:. Update on Root Servers Proposal. First of all, a Disclaimer: I am NOT reponsible for the Denial of Service attack which clogged 9 of the 13 (actually 12) Root Servers 2 days ago…
E N D
Update on Root Servers Proposal First of all, a Disclaimer:
Update on Root Servers Proposal First of all, a Disclaimer: I am NOT reponsible for the Denial of Service attack which clogged 9 of the 13 (actually 12) Root Servers 2 days ago… … and I'm reasonably sure none of our wg people was involved (… I still need to check with one individual …) :-)
Update on Root Servers Proposal What happened since June 2002: • The informal wg ( root-server-wg@ml.renater.fr ) formed with NREN experts, DANTE, TERENA (2 TEC members) now includes also Daniel Karrenberg (RIPE NCC) and Gordon Lennox (EC); • We received a significative number of comments, and there were significative discussion with the "Internet at large" community: Why not an IPv6 (dual stack) Root Server ? • Both TERENA GA and NRENPC are kept informed before any step forward
Update on Root Servers Proposal • We updated the report to clarify that: • The problems which were disclosed are NOT caused by the current Root Servers operators; • The Internet routing behaviour (BGP) might seem "surviving" catastrophic events (see the Renesys report on Sept 11th BGP outages), but BGP is just one aspect of applications behaviour: getting a BGP announce does NOT mean you reach that destination. Our tests during that period show a much catastrophic effect if you consider "reachability" of Root Servers. • Some specific Applications, like SSH, require apparently a client/server interaction where messages travel for less than 60 seconds. They were thus timing out while trying to resolve host names, even if some of the Root Servers where reachable and answered to queries (nslookup, hosts, dig). • This Root server will serve the whole IP commmunity (not restricted to R&D), but will be under NRENs control
Update on Root Servers Proposal Other Steps: • We are preparing the specific technical proposal according to RFC2870; • We contacted RIPE NCC to ask them for being the remote operator (like for the London one) of the new Root Server we propose (D. Karrenberg is acting on this); • When this is ready, we will contact also Jun Murai, ICANN, to discuss with him the proposal before submitting it officially to ICANN. • Coordination with 6net activity on v6 DNS. • … see our "action plan".
Update on Root Servers Proposal News on the "anycast" proposal: • Daniel Karrenberg officially announced at the September RIPE meeting that a new "anycast testbed proposal" is being prepared, including: • Experiment to non-BIND solution • Experiment Security issues of the solution (secure-DNS) • … many unknown issues until we try. • We will be one of the partners in that experiment: • "we can afford experiments", can commercials?
Root Servers Activity Update on Policy Issues: • Is there any chance the R&D community can help moving the issue in ICANN "out of the paddock"? • Some doubts, but let's try… • Community support to new initiatives in the field of "securing the Internet" can help… • If we just succeed in making the anycast experiment happen and deploy, we already reached the scope. • Still a lot of work to do to make people understand correctly Why, When, How we make this proposal.
Update on Root Servers Proposal Contributions are welcome…