John Crain wrote:
Speculation is all it is and I probably have no better ideas than
many folks here. Be better to try and figure out what is really
happening...
I think this is just a knock on effect from the fact that many folks
don't keep their systems up to date, especially smaller networks.
Typically they turn something on and just leave it until it stops
working. Just like they don't update any other software if it isn't
done for them automatically.
That shouldn't come as a surprise to anyone.
No it does not. That in fact is a big problem. I used to do scans of
DNS servers over the years. And one interesting thing I have found is
there are still servers out there using the very old legacy roots. When
they had five root servers.
I think because of the fact that what you say above is so true - people
install dns and then forget it - then maybe it is time for ICANN to
consider a root policy that goes something like this - to have a stable
internet you don't go around changing your roots ip numbers.
I look forward to more reports and data sharing from L root. But to be
frank it would be alot of fun to see that same data compared to data
from f.root. f.root is a true legacy root system. I think it's been
around from the beginning and may be an excellent comparison to the
progress of the L root fragmentation.
cheers
joe baptista
It's nice to think that resolvers will automatically fix themselves
when priming but I think the stats show this not to be solving the
issue.
It's too early from the L-root perspective to really see what is
happening. Less than a month since renumbering, long term trends will
be more interesting.
We'll start to analyze some of the big hitters on the old address.
Once we have some long term data I will publish something.
Luckily the folks who gave us DSC made it easy for me to do just that.
Big thanks to Duane and co!!!
John L. Crain
Chief Technical Officer
I.C.A.N.N.
On 28 Nov 2007, at 11:02, Joe Baptista wrote:
Yes - many questions and few answer and very little data available
for the community to figure out those answers. John Crain should
publish stats more often. Why indeed does root behave so strangely.
That little 40 percentage thingy indeed does raise alotof questions.
John can you speculate for us? Whats going on.
Another very interesting thing is the incredible power behind one IP
number when it has experienced root activity. It only takes one
rogue root to highjack the entire root system. Its been done twice
now in internet history. How is that possible?
regards
joe baptista
JINMEI Tatuya / 神明達哉 wrote:
At Wed, 28 Nov 2007 10:55:44 +0100,
Peter Koch <[EMAIL PROTECTED]> wrote:
Currently about 60% New IP to 40% old IP... and rising slowly
So clearly a lot of folks still need to up date their hints files :(
part of that traffic will be due to old hints files, but priming was
actually supposed to accelerate the migration. 40% of total L
traffic
seems a bit much for 1/13 of the priming traffic?
BIND9 also uses the root hint when it finds necessary glue is
missing. For example, consider the following delegation:
child.foo.example. NS 86400 ns.child.foo.example.
ns.child.foo.example. A 3600 192.0.2.1
When the (recursive) resolver first visits the child.foo.example zone,
it caches both the NS and A records. The glue (A) record will expire
in 1 hour. When the resolver tries to visit the zone after that while
still keeping the NS record, it tries to fetch the missing glue from
the root using the hint file, regardless of whether it has the root NS
and the root server addresses in its cache.
This would be another reason for the queries to the old L-root
address, though I don't think it makes the 40% of total traffic unless
the vast majority of hint files aren't updated.
JINMEI, Tatuya
Communication Platform Lab.
Corporate R&D Center, Toshiba Corp.
[EMAIL PROTECTED]
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www1.ietf.org/mailman/listinfo/dnsop
--
Joe Baptista www.publicroot.org
PublicRoot Consortium
----------------------------------------------------------------
The future of the Internet is Open, Transparent, Inclusive,
Representative & Accountable to the Internet community @large.
----------------------------------------------------------------
Office: +1 (202) 517-1593
Fax: +1 (509) 479-0084
<baptista.vcf>_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www1.ietf.org/mailman/listinfo/dnsop
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www1.ietf.org/mailman/listinfo/dnsop
--
Joe Baptista www.publicroot.org
PublicRoot Consortium
----------------------------------------------------------------
The future of the Internet is Open, Transparent, Inclusive,
Representative & Accountable to the Internet community @large.
----------------------------------------------------------------
Office: +1 (202) 517-1593
Fax: +1 (509) 479-0084
begin:vcard
fn:Joe Baptista
n:Baptista;Joe
org:PublicRoot Consortium
adr:;;963 Ford Street;Peterborough;Ontario;K9J 5V5 ;Canada
email;internet:[EMAIL PROTECTED]
title:PublicRoot Representative
tel;fax:+1 (509) 479-0084
tel;cell:+1 (416) 912-6551
x-mozilla-html:FALSE
url:http://www.publicroot.org
version:2.1
end:vcard
_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www1.ietf.org/mailman/listinfo/dnsop
