> I have been informed that recently NSI requested permission to deploy
> additional TLD servers for enhanced stability.  I was further informed
> that you denied their request to make changes to the root zone that
> would render these servers operational.

I just looked at the delegations for .com/.net/.org and they all seem
to point to the following twelve TLD servers...

        A.ROOT-SERVERS.NET.
        B.ROOT-SERVERS.NET.
        C.ROOT-SERVERS.NET.
        D.ROOT-SERVERS.NET.
        E.ROOT-SERVERS.NET.
        F.ROOT-SERVERS.NET.
        G.ROOT-SERVERS.NET.
        H.ROOT-SERVERS.NET.
        I.ROOT-SERVERS.NET.

        F.GTLD-SERVERS.NET.
        J.GTLD-SERVERS.NET.
        K.GTLD-SERVERS.NET.

Now due to an ancient (and essentially obsolete, but nevertheless still in
RFC1035) limitation on the size of UDP packets:

        4.2.1. UDP usage

        ...

        Messages carried by UDP are restricted to 512 bytes (not counting the IP
        or UDP headers).  Longer messages are truncated and the TC bit is set in
        the header.

This limits the number of answers that can be stuffed into a DNS
response packet when one's software is tracking down through the DNS hierarchy.

In particular, it limits the number of servers that can be assigned to a
zone to 12.  (I haven't worked out the math on this myself, so I'm relying
on calculations performed by others.)

So, if NSI wants to add more servers for .com/.net/.org it isn't going to
be able to do so, at least not from the current root system, at least
without violating that part of the specification.

I understand that this 512 byte limit is being reconsidered by the IETF.  
I can attest that from a software writer's perspective it is a limit that
is easy to change.  And from the perspective of network MTU -- The old MTU
of 576 is hard to find anywhere except on some PPP links, and even then IP
fragmentation and reassembly handles the job and reassembly
implementations have become rather more robust than they were 12 years
ago.

I do note however, that the current delegations for .com/.net/.org have
many of the same computers doing double duty as root and TLD servers.
That is bad form and if NSI is addressing that, good for them.

As it stands, however, we could easily obtain a further improvement in net
stability if we established multiple root systems that pointed additional
servers for the current TLDs.

That would allow me as a user, ISP operator, or corporate/organizational
administrator to select a root system that best met my own needs.  And if
it went down, I could quickly switch to another root system.

                --karl--
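
The sizing question raised above, worked through as an added example that is not part of Karl's message: it encodes a referral for .com in RFC 1035 wire format with name compression and counts how many NS-plus-IPv4-glue pairs stay under 512 bytes. The two query names and the three extra GTLD server names (L, M, N) are constructed for the illustration only; the twelve real server names are the ones listed in the message.

```python
import struct

HEADER_LEN = 12  # ID, flags, QDCOUNT, ANCOUNT, NSCOUNT, ARCOUNT (RFC 1035 4.1.1)

# The twelve .com/.net/.org servers named in the message.
SERVERS = [f"{c}.ROOT-SERVERS.NET." for c in "ABCDEFGHI"] + \
          [f"{c}.GTLD-SERVERS.NET." for c in "FJK"]
# Constructed, hypothetical extra servers used only to probe the limit.
EXTRA_CANDIDATES = [f"{c}.GTLD-SERVERS.NET." for c in "LMN"]
# Constructed query names of different lengths (the answer depends on QNAME size).
SHORT_QNAME = "www.example.com."
LONG_QNAME = "a-rather-long-hostname.in-some-department.example-university.com."

def encode_name(name, offset, table):
    """Wire-encode `name` at packet `offset`, reusing or adding compression
    pointers (RFC 1035 4.1.4). `table` maps each suffix to its first offset."""
    labels = [lab for lab in name.lower().rstrip(".").split(".") if lab]
    out = bytearray()
    for i, label in enumerate(labels):
        suffix = ".".join(labels[i:])
        if suffix in table:                      # a 2-byte pointer replaces the rest
            out += struct.pack("!H", 0xC000 | table[suffix])
            return bytes(out)
        table[suffix] = offset + len(out)
        out += bytes([len(label)]) + label.encode()
    out.append(0)                                # terminating root label
    return bytes(out)

def referral_size(qname, zone, servers):
    """Bytes in a referral: question, one NS RR per server, one A glue RR per server."""
    table, size = {}, HEADER_LEN
    size += len(encode_name(qname, size, table)) + 4          # QNAME + QTYPE + QCLASS
    for ns in servers:                                        # authority: NS RRs
        size += len(encode_name(zone, size, table)) + 10      # owner + TYPE/CLASS/TTL/RDLENGTH
        size += len(encode_name(ns, size, table))             # RDATA: NSDNAME
    for ns in servers:                                        # additional: IPv4 glue
        size += len(encode_name(ns, size, table)) + 10 + 4    # owner (pointer) + fixed + address
    return size

def max_servers_within_limit(qname, zone, candidates, limit=512):
    """Largest leading subset of `candidates` whose referral still fits in `limit`."""
    best = 0
    for n in range(1, len(candidates) + 1):
        if referral_size(qname, zone, candidates[:n]) <= limit:
            best = n
    return best

if __name__ == "__main__":
    print("12 servers, short query:", referral_size(SHORT_QNAME, "com.", SERVERS), "bytes")
    for q in (SHORT_QNAME, LONG_QNAME):
        print(q, "->", max_servers_within_limit(q, "com.", SERVERS + EXTRA_CANDIDATES), "servers fit")
```

Because the question section is echoed back uncompressed, the count is not a fixed 12: a short query name leaves room for 14 servers here, while the long one leaves room for exactly 12, and dropping the glue records or adding AAAA records would move it again.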

