[governance] Vixie supports another root administration

Laina Raveendran Greene laina at getit.org
Mon Oct 10 05:26:17 EDT 2005 

Dear Patrick,

All good points and I agree. Thanks for taking the time to respond.

BTW, I also did some of my own digging and this is what I found could have
been the justification for ORSN.

What I learnt was that ORSN possibly came out of a response to ensure
stability of the Internet if the US infrastructure was "hit" or sabotaged by
terrorists, and to ensure  that the rest of the world would not be affected.
It all apparently started in Oct 2002 when there was the DNS Root DOS
attack. That got the technical people thinking - they wondered what if some
group attacked the root servers to go after the US? Should the whole world
be affected from an attack on US infrastructure? Some groups (F and I root)
went down the Anycast route. Other roots threw more processing at the
problem. Still others envisioned a "buffer" between the resolving server and
the 13 DNS Roots. 

OSRN was apparently the counter to the anycast mode of adding reliability to
the system. This is a layer beneath the roots - speeding resolution and
preventing network segmentation.  This layer would keep on working even if
all 13 went down from some catastrophic incident.

This is what I managed to gather and of course Paul Vixie's answer adds much
substance to what is going on.

Best,
Laina

-----Original Message-----
From: governance-bounces at lists.cpsr.org
[mailto:governance-bounces at lists.cpsr.org] On Behalf Of Patrick Vande Walle
Sent: Monday, October 10, 2005 9:02 AM
To: governance at lists.cpsr.org
Subject: Re: [governance] Vixie supports another root administration

Laina Raveendran Greene wrote:

>Isn't there already 12 backups of the
>Master currently running outside of the US, and
>
Laina,

You are correct in that there are more physical servers than the 13
advertised in the root zone file. Those servers are "anycasted", ie they are
mirrors of the respective servers they duplicate and are automatically
synchronised. But since they are invisible in the root zone file, many
non-technicians do not consider them on equal footing with the officially
advertised ones.

>am I wrong to understand
>that these are run by groups e.g. WIDE in Japan, RIPE in Europe etc who 
>will not listen to the US gov. That they will not allow any ccTLD just 
>to be taken down
>
I am sure these operators do have a technical process in place to validate
changes in the root zone file. I am not so sure they have a political
process in place to validate these. If they would object to these changes,
that would mean that up to 3 servers out of 13 would no more synchronise
with the A root: a real danger for the stability of the network (or at least
its DNS part). My take is that they would priviledge stability over the
political aspects. I think this is the situation ORSN wants to avoid.

Best,

Patrick Vande Walle
ISOC Luxembourg
Silent reader of this list




_______________________________________________
governance mailing list
governance at lists.cpsr.org
https://ssl.cpsr.org/mailman/listinfo/governance

_______________________________________________
governance mailing list
governance at lists.cpsr.org
https://ssl.cpsr.org/mailman/listinfo/governance

More information about the Governance mailing list