IETF Logo Mail Archive

Re: [DNSOP] AS112 for TLDs

John Crain <john.crain@icann.org> Tue, 27 November 2007 22:12 UTC

Return-path: <dnsop-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Ix8f6-00044I-20; Tue, 27 Nov 2007 17:12:12 -0500
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Ix8f5-000440-77 for dnsop@ietf.org; Tue, 27 Nov 2007 17:12:11 -0500
Received: from smtp2.lax.icann.org ([208.77.188.15] helo=smtp01.icann.org) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1Ix8f4-0006zR-Aa for dnsop@ietf.org; Tue, 27 Nov 2007 17:12:11 -0500
Received: from mobile105.mdr.icann.org (mobile105.mdr.icann.org [192.0.39.105] (may be forged)) (authenticated bits=0) by smtp01.icann.org (8.13.8/8.12.11) with ESMTP id lARMC6C6019026 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Tue, 27 Nov 2007 14:12:07 -0800
Message-Id: <CDFBEFF8-B4BD-4D2B-8E86-6919B62DBA14@icann.org>
From: John Crain <john.crain@icann.org>
To: Joe Baptista <baptista@publicroot.org>
In-Reply-To: <474C9497.7020308@publicroot.org>
Content-Type: text/plain; charset="US-ASCII"; format="flowed"; delsp="yes"
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v915)
Subject: Re: [DNSOP] AS112 for TLDs
Date: Tue, 27 Nov 2007 14:12:06 -0800
References: <20071127141848.GA16571@nic.fr> <20071127150813.GD33734@moof.catpipe.net> <474C40DF.8080100@publicroot.org> <9B9F9C57-5000-4A63-99CA-89EEB8014205@icann.org> <474C9497.7020308@publicroot.org>
X-Mailer: Apple Mail (2.915)
X-Spam-Score: 0.0 (/)
X-Scan-Signature: cdb443e3957ca9b4c5b55e78cfcf4b26
Cc: Phil Regnauld <regnauld@catpipe.net>, dnsop@ietf.org
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/dnsop>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
Errors-To: dnsop-bounces@ietf.org

Hi Joe.

I didn't do the math, I was using DSC.

I'm sure I could figure it out with some DSC tweaking...

However with beign completely unscientific and measuring rates  
averaging from 8kq/s (low)  to 10kq/s (high) over a 24hr period
it's between 691.2 million and 864 million queries. So a fairly big  
sample.. I would estimate that it is somewhere inbetween at about 750  
million.

I'll leave more in depth analysis to the likes of CAIDA, they're  
better at it than me.


John L. Crain
Chief Technical Officer
I.C.A.N.N.



On 27 Nov 2007, at 14:05, Joe Baptista wrote:

> John Crain wrote:
>
>> Hi Joe,
>>
>> It is exactly reflective of traffic as seen at l.root-servers.net  
>> and  measured by DSC.  there is no trickery, plots or evil schemes  
>> involved.
>>
>> Shame that your paranoia gets the better of you;)
>
> Your right.  There is no trickery, plots or evil schemes involved.   
> I misspoke in the message to the GA.  The only one misleading us  
> using the data was stephane and I doubt that was intentional.  We  
> are having a discussion concerning TLDs there and the data was used  
> to make a point, which on reflection does not exist due to the  
> particulars made in my reply.
>
>> Those are percentages not queries indeed. Total queries varies  
>> between  8Kq/s and 10Kq/s on a normal day.
>> So you can do the math if you really want to see it by q/s.  Also  
>> it  only shows the TOP scores, not all TLDs.
>>
>> For clarity: The data is from both current and old IPv4 addresses   
>> (Across all instances of L)
>
> I know - in both cases recent deployments of a root server.  It  
> would be very beneficial to see this data across the other roots for  
> comparison.  As I have said the L.root is not reflective of the  
> overall traffic patterns to all the roots as L is a very new  
> instance of a root, either old or new IPv4 address.
>
> Incidentally - just how much traffic is this representative of?  How  
> many queries came in during the period the data was captured?
>
> Thanks for the clarification.
>
> regards
> joe baptista
>
> regards
> joe baptista
>
>
>>
>> I have already spoken to CAIDA about supplying them with L-root  
>> data  for future projects and we will be taking part in their "day  
>> in the  life of" project
>> so you should see L-root included in their future analysis.
>>
>> John L. Crain
>> Chief Technical Officer
>> I.C.A.N.N.
>>
>>
>>
>> On 27 Nov 2007, at 08:07, Joe Baptista wrote:
>>
>>> Phil Regnauld wrote:
>>>
>>>> Stephane Bortzmeyer (bortzmeyer) writes:
>>>>
>>>>> I cannot find another report about the TLDs most often queried  
>>>>> at a
>>>>> root name server. Other reports I've seen aggregated data,  
>>>>> while  this
>>>>> small glimpse, however partial, at least *names* the TLDs.
>>>>>
>>> I'm posting the comments made to you on the GA/GNSO.  Since I  
>>> have  pointed out to you there that this data from L.root is not  
>>> very  reflective of network traffic.
>>>
>>>> Stephane Bortzmeyer wrote:
>>>>
>>>>> I cannot find another report about the TLDs most often queried  
>>>>> at a
>>>>> root name server. Other reports I've seen aggregated data,  
>>>>> while  this
>>>>> small glimpse, however partial, at least *names* the TLDs.
>>>>>
>>>>> It has been said sometimes that dummy (sorry, Karl, "boutique"  
>>>>> TLDs)
>>>>> were present in requests to the root name servers. This is clearly
>>>>> false, all the non-existing TLDs queried are local domains (such  
>>>>> as
>>>>> Apple's ".local"), leaking through a configuration error.
>>>>>
>>>>> http://blog.icann.org/?p=240
>>>>>
>>>>
>>>> Thanks for that Stephane.  It would look to me like things are   
>>>> getting better.  This root where the data originates seems to  
>>>> get  less errors then that reported in 2003 which data mainly  
>>>> came from  f.root.
>>>>
>>>> Thats a significant improvement however after careful inspection  
>>>> we  begin to see the flaws in this data.  If this were f.root  
>>>> data then  I would be very impressed.  Because the data would  
>>>> show a  significant decrease in error traffic.  That would be  
>>>> amazing.  In  fact the data looks alot like that I have seen for  
>>>> public roots I  have setup.  Like the one now used in Turkey.
>>>>
>>>> However this is data from the L.root run by ICANN and i'm not so   
>>>> amazed anymore.  I speculate this is just a little bit of ICANN   
>>>> nonsense designed to once again mislead the public.  Shame.
>>>>
>>>> Now the problem as I see it here is that this data is very  
>>>> limited  in scope.  I don't dispute the first chart on popular  
>>>> TLDs.  What  i'm interested to see are the popular TLDs that  
>>>> result in errors  (NXDOMAIN) as per the original 2003 report  
>>>> methodology.
>>>>
>>>> Next there is nothing in the data that states the number of  
>>>> queries  received at the root servers.  Only percentages are used  
>>>> in the  metrics.  The articles I wrote
>>>>
>>>> http://www.theregister.co.uk/2003/02/05/  
>>>> dud_queries_swamp_us_internet/
>>>>
>>>> show us that CAIDA conducted an analysis on 152 million  
>>>> messages.   This data was obtained from f.root.  f.root is one of  
>>>> the oldest  roots on the net while l.root is one of the newest.   
>>>> In fact if as  per the ICANN blog this data was collected on  
>>>> November 26 then it  would of come from IP 199.7.83.42 that was  
>>>> implemented on 1  November 2007 and replaced the previous IP  
>>>> address of 198.32.64.12.
>>>>
>>>> http://l.root-servers.org/ip-change-26nov07.htm
>>>>
>>>> The data is unclear if it was collected from 199.7.83.42 or   
>>>> 198.32.64.12.  In any case what is certain is that both versions  
>>>> of  the L.root run by ICANN are very new and that means the  
>>>> amount of  traffic to them would be very low in comparison to  
>>>> f.root - which  in my opinion provides a more accurate reflection  
>>>> of traffic  patterns on the net.
>>>>
>>>> So in conclusion is this data in any way reflective of the  
>>>> impact  of Karl, "boutique" TLDs?  The answer in this case would  
>>>> be NO.  It  is however reflective of the data one would associate  
>>>> with a  recently launched root server that few people are yet  
>>>> dependent on.
>>>>
>>>> Hope my comments help you interpret the data.
>>>>
>>>> kindest regards
>>>> joe baptista
>>>
>>>
>>>
>>>
>>> -- 
>>> Joe Baptista                                www.publicroot.org
>>> PublicRoot Consortium
>>> ----------------------------------------------------------------
>>> The future of the Internet is Open, Transparent, Inclusive,
>>> Representative & Accountable to the Internet community @large.
>>> ----------------------------------------------------------------
>>> Office: +1 (202) 517-1593
>>>   Fax: +1 (509) 479-0084
>>>
>>> <baptista.vcf>_______________________________________________
>>> DNSOP mailing list
>>> DNSOP@ietf.org
>>> https://www1.ietf.org/mailman/listinfo/dnsop
>>
>>
>>
>>
>
>
> -- 
> Joe Baptista                                www.publicroot.org
> PublicRoot Consortium
> ----------------------------------------------------------------
> The future of the Internet is Open, Transparent, Inclusive,
> Representative & Accountable to the Internet community @large.
> ----------------------------------------------------------------
> Office: +1 (202) 517-1593
>    Fax: +1 (509) 479-0084
>
> <baptista.vcf>


_______________________________________________
DNSOP mailing list
DNSOP@ietf.org
https://www1.ietf.org/mailman/listinfo/dnsop

v2.23.0 | Report a Bug | By Email