TERENA GA Claudio Allocchio Update on Root Servers Proposal First of all, a Disclaimer: First of all, a Disclaimer:
TERENA GA Claudio Allocchio Update on Root Servers Proposal First of all, a Disclaimer: First of all, a Disclaimer: I am NOT reponsible for the Denial of Service attack which clogged 9 of the 13 (actually 12) Root Servers 2 days ago… … and I'm reasonably sure none of our wg people was involved (… I still need to check with one individual …) :-)
TERENA GA Claudio Allocchio Update on Root Servers Proposal What happened since June 2002: The informal wg ( ) formed with NREN experts, DANTE, TERENA (2 TEC members) now includes also Daniel Karrenberg (RIPE NCC) and Gordon Lennox (EC);The informal wg ( ) formed with NREN experts, DANTE, TERENA (2 TEC members) now includes also Daniel Karrenberg (RIPE NCC) and Gordon Lennox We received a significative number of comments, and there were significative discussion with the "Internet at large" community: Why not an IPv6 (dual stack) Root Server ?We received a significative number of comments, and there were significative discussion with the "Internet at large" community: Why not an IPv6 (dual stack) Root Server ? Both TERENA GA and NRENPC are kept informed before any step forwardBoth TERENA GA and NRENPC are kept informed before any step forward
TERENA GA Claudio Allocchio Update on Root Servers Proposal We updated the report to clarify that:We updated the report to clarify that: The problems which were disclosed are NOT caused by the current Root Servers operators;The problems which were disclosed are NOT caused by the current Root Servers operators; The Internet routing behaviour (BGP) might seem "surviving" catastrophic events (see the Renesys report on Sept 11th BGP outages), but BGP is just one aspect of applications behaviour: getting a BGP announce does NOT mean you reach that destination. Our tests during that period show a much catastrophic effect if you consider "reachability" of Root Servers.The Internet routing behaviour (BGP) might seem "surviving" catastrophic events (see the Renesys report on Sept 11th BGP outages), but BGP is just one aspect of applications behaviour: getting a BGP announce does NOT mean you reach that destination. Our tests during that period show a much catastrophic effect if you consider "reachability" of Root Servers. Some specific Applications, like SSH, require apparently a client/server interaction where messages travel for less than 60 seconds. They were thus timing out while trying to resolve host names, even if some of the Root Servers where reachable and answered to queries (nslookup, hosts, dig).Some specific Applications, like SSH, require apparently a client/server interaction where messages travel for less than 60 seconds. They were thus timing out while trying to resolve host names, even if some of the Root Servers where reachable and answered to queries (nslookup, hosts, dig). This Root server will serve the whole IP commmunity (not restricted to R&D), but will be under NRENs controlThis Root server will serve the whole IP commmunity (not restricted to R&D), but will be under NRENs control
TERENA GA Claudio Allocchio Update on Root Servers Proposal Other Steps: We are preparing the specific technical proposal according to RFC2870;We are preparing the specific technical proposal according to RFC2870; We contacted RIPE NCC to ask them for being the remote operator (like for the London one) of the new Root Server we propose (D. Karrenberg is acting on this);We contacted RIPE NCC to ask them for being the remote operator (like for the London one) of the new Root Server we propose (D. Karrenberg is acting on this); When this is ready, we will contact also Jun Murai, ICANN, to discuss with him the proposal before submitting it officially to ICANN.When this is ready, we will contact also Jun Murai, ICANN, to discuss with him the proposal before submitting it officially to ICANN. Coordination with 6net activity on v6 DNS.Coordination with 6net activity on v6 DNS. … see our "action plan".… see our "action plan".
TERENA GA Claudio Allocchio Update on Root Servers Proposal News on the "anycast" proposal: Daniel Karrenberg officially announced at the September RIPE meeting that a new "anycast testbed proposal" is being prepared, including:Daniel Karrenberg officially announced at the September RIPE meeting that a new "anycast testbed proposal" is being prepared, including: Experiment to non-BIND solutionExperiment to non-BIND solution Experiment Security issues of the solution (secure-DNS)Experiment Security issues of the solution (secure-DNS) … many unknown issues until we try.… many unknown issues until we try. We will be one of the partners in that experiment:We will be one of the partners in that experiment: "we can afford experiments", can commercials?"we can afford experiments", can commercials?
TERENA GA Claudio Allocchio Root Servers Activity Update on Policy Issues: Is there any chance the R&D community can help moving the issue in ICANN "out of the paddock"?Is there any chance the R&D community can help moving the issue in ICANN "out of the paddock"? Some doubts, but let's try…Some doubts, but let's try… Community support to new initiatives in the field of "securing the Internet" can help…Community support to new initiatives in the field of "securing the Internet" can help… If we just succeed in making the anycast experiment happen and deploy, we already reached the scope.If we just succeed in making the anycast experiment happen and deploy, we already reached the scope. Still a lot of work to do to make people understand correctly Why, When, How we make this proposal.Still a lot of work to do to make people understand correctly Why, When, How we make this proposal.
TERENA GA Claudio Allocchio Update on Root Servers Proposal Contributions are welcome…