To:
dnsop@cafax.se
From:
marka@isc.org
Date:
Sat, 08 May 1999 18:56:48 +1000
In-reply-to:
Your message of "Sat, 08 May 1999 12:45:47 +1000." <14969.926131547@munnari.OZ.AU>
Reply-To:
dnsop@cafax.se
Sender:
owner-dnsop@cafax.se
Subject:
Re: Experiments in multi-placed root servers
I don't believe that anyone at the BOF thought that it was not technically possible to do this. All the discussion centered around whether it was a "good" thing to do and the error modes. There was discussion about how failure reporting should be done when a there were multiple NOC or a single NOC involved. The single case seemed to be a lot more manable. The example was UUnet that has a presence on multiple continents. If the one NOC was responsible for running all the roots appearing on a given IP address reporting a problem would be a matter of contacting that NOC and then it would be an internal problem for them to identify and fix the problem server. The multiple NOC case seemed to be much more problematic, and was of a much higher concern. The questions came down to which NOC to contact and that the "mug" with the problem would have to be running traceroutes etc. to determine which NOC to contact. There of course is another alternative which does not require any mucking around with routes and scales well though there is some co-ordination required. That is that every nameserver could be a root server. You would transfer the root from your ISP who would transfer it from access provider ... Once the root zone is signed this should remove most of the potential security problems. Mark -- Mark Andrews, Internet Software Consortium 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org