Re: L-Root address change [Re: [DNSOP] AS112 for TLDs]
John Crain <john.crain@icann.org> Wed, 28 November 2007 19:44 UTC
Return-path: <dnsop-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1IxSqA-00064I-Mq; Wed, 28 Nov 2007 14:44:58 -0500
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1IxSq9-000645-Hk for dnsop@ietf.org; Wed, 28 Nov 2007 14:44:57 -0500
Received: from smtp2.lax.icann.org ([208.77.188.15] helo=smtp01.icann.org) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1IxSq8-000582-T3 for dnsop@ietf.org; Wed, 28 Nov 2007 14:44:57 -0500
Received: from mobile105.mdr.icann.org (mobile105.mdr.icann.org [192.0.39.105] (may be forged)) (authenticated bits=0) by smtp01.icann.org (8.13.8/8.12.11) with ESMTP id lASJitIW008523 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO) for <dnsop@ietf.org>; Wed, 28 Nov 2007 11:44:55 -0800
Message-Id: <F4B4CAFA-C7FE-4803-A51E-625542FD1070@icann.org>
From: John Crain <john.crain@icann.org>
To: IETF DNSOP WG <dnsop@ietf.org>
In-Reply-To: <474DBB41.5080402@publicroot.org>
Content-Type: text/plain; charset="UTF-8"; format="flowed"; delsp="yes"
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Apple Message framework v915)
Subject: Re: L-Root address change [Re: [DNSOP] AS112 for TLDs]
Date: Wed, 28 Nov 2007 11:44:55 -0800
References: <20071127141848.GA16571@nic.fr> <20071127150813.GD33734@moof.catpipe.net> <474C40DF.8080100@publicroot.org> <9B9F9C57-5000-4A63-99CA-89EEB8014205@icann.org> <474C9497.7020308@publicroot.org> <CDFBEFF8-B4BD-4D2B-8E86-6919B62DBA14@icann.org> <474C9A04.1090405@publicroot.org> <77E55800-E184-4225-91C5-59DA85D3E156@icann.org> <20071128095544.GB19314@unknown.office.denic.de> <m2r6iaxkz7.wl%jinmei@isl.rdc.toshiba.co.jp> <474DBB41.5080402@publicroot.org>
X-Mailer: Apple Mail (2.915)
X-Spam-Score: 0.0 (/)
X-Scan-Signature: ff03b0075c3fc728d7d60a15b4ee1ad2
X-BeenThere: dnsop@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: IETF DNSOP WG mailing list <dnsop.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/dnsop>
List-Post: <mailto:dnsop@ietf.org>
List-Help: <mailto:dnsop-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/dnsop>, <mailto:dnsop-request@ietf.org?subject=subscribe>
Errors-To: dnsop-bounces@ietf.org
Speculation is all it is and I probably have no better ideas than many folks here. Be better to try and figure out what is really happening... I think this is just a knock on effect from the fact that many folks don't keep their systems up to date, especially smaller networks. Typically they turn something on and just leave it until it stops working. Just like they don't update any other software if it isn't done for them automatically. That shouldn't come as a surprise to anyone. It's nice to think that resolvers will automatically fix themselves when priming but I think the stats show this not to be solving the issue. It's too early from the L-root perspective to really see what is happening. Less than a month since renumbering, long term trends will be more interesting. We'll start to analyze some of the big hitters on the old address. Once we have some long term data I will publish something. Luckily the folks who gave us DSC made it easy for me to do just that. Big thanks to Duane and co!!! John L. Crain Chief Technical Officer I.C.A.N.N. On 28 Nov 2007, at 11:02, Joe Baptista wrote: > Yes - many questions and few answer and very little data available > for the community to figure out those answers. John Crain should > publish stats more often. Why indeed does root behave so strangely. > That little 40 percentage thingy indeed does raise alotof questions. > John can you speculate for us? Whats going on. > > Another very interesting thing is the incredible power behind one IP > number when it has experienced root activity. It only takes one > rogue root to highjack the entire root system. Its been done twice > now in internet history. How is that possible? > > regards > joe baptista > > JINMEI Tatuya / 神明達哉 wrote: > >> At Wed, 28 Nov 2007 10:55:44 +0100, >> Peter Koch <pk@DENIC.DE> wrote: >> >> >>>> Currently about 60% New IP to 40% old IP... and rising slowly >>>> >>>> So clearly a lot of folks still need to up date their hints >>>> files :( >>>> >>> part of that traffic will be due to old hints files, but priming was >>> actually supposed to accelerate the migration. 40% of total L >>> traffic >>> seems a bit much for 1/13 of the priming traffic? >>> >> >> BIND9 also uses the root hint when it finds necessary glue is >> missing. For example, consider the following delegation: >> >> child.foo.example. NS 86400 ns.child.foo.example. >> ns.child.foo.example. A 3600 192.0.2.1 >> >> When the (recursive) resolver first visits the child.foo.example >> zone, >> it caches both the NS and A records. The glue (A) record will expire >> in 1 hour. When the resolver tries to visit the zone after that >> while >> still keeping the NS record, it tries to fetch the missing glue from >> the root using the hint file, regardless of whether it has the root >> NS >> and the root server addresses in its cache. >> >> This would be another reason for the queries to the old L-root >> address, though I don't think it makes the 40% of total traffic >> unless >> the vast majority of hint files aren't updated. >> >> JINMEI, Tatuya >> Communication Platform Lab. >> Corporate R&D Center, Toshiba Corp. >> jinmei@isl.rdc.toshiba.co.jp >> >> _______________________________________________ >> DNSOP mailing list >> DNSOP@ietf.org >> https://www1.ietf.org/mailman/listinfo/dnsop >> >> >> > > > -- > Joe Baptista www.publicroot.org > PublicRoot Consortium > ---------------------------------------------------------------- > The future of the Internet is Open, Transparent, Inclusive, > Representative & Accountable to the Internet community @large. > ---------------------------------------------------------------- > Office: +1 (202) 517-1593 > Fax: +1 (509) 479-0084 > > <baptista.vcf>_______________________________________________ > DNSOP mailing list > DNSOP@ietf.org > https://www1.ietf.org/mailman/listinfo/dnsop _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www1.ietf.org/mailman/listinfo/dnsop
- [DNSOP] AS112 for TLDs Stephane Bortzmeyer
- Re: [DNSOP] AS112 for TLDs Phil Regnauld
- [DNSOP] Re: AS112 for TLDs Stephane Bortzmeyer
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs John Crain
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs John Crain
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs John Crain
- L-Root address change [Re: [DNSOP] AS112 for TLDs] Peter Koch
- [DNSOP] Re: L-Root address change (Was: AS112 for… Stephane Bortzmeyer
- Re: L-Root address change [Re: [DNSOP] AS112 for … bert hubert
- Re: [DNSOP] Re: L-Root address change (Was: AS112… Ralf Weber
- Re: L-Root address change [Re: [DNSOP] AS112 for … Matt Larson
- Re: L-Root address change [Re: [DNSOP] AS112 for … bmanning
- Re: L-Root address change [Re: [DNSOP] AS112 for … bert hubert
- Re: L-Root address change [Re: [DNSOP] AS112 for … bmanning
- Re: L-Root address change [Re: [DNSOP] AS112 for … bert hubert
- Re: B-Root address change [Re: [DNSOP] AS112 for … bmanning
- Re: L-Root address change [Re: [DNSOP] AS112 for … Joe Baptista
- Re: L-Root address change [Re: [DNSOP] AS112 for … JINMEI Tatuya / 神明達哉
- Re: L-Root address change [Re: [DNSOP] AS112 for … Joe Baptista
- Re: L-Root address change [Re: [DNSOP] AS112 for … John Crain
- Re: L-Root address change [Re: [DNSOP] AS112 for … Joe Baptista
- Re: [DNSOP] AS112 for TLDs William F. Maton Sotomayor
- Re: [DNSOP] AS112 for TLDs Phil Regnauld
- Re: [DNSOP] AS112 for TLDs Brian Dickson
- Re: [DNSOP] AS112 for TLDs Mark Andrews
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs Masataka Ohta
- Re: [DNSOP] AS112 for TLDs Elmar K. Bins
- [DNSOP] Re: AS112 for TLDs Stephane Bortzmeyer
- Re: [DNSOP] AS112 for TLDs William F. Maton Sotomayor
- [DNSOP] Re: AS112 for TLDs William F. Maton Sotomayor
- Re: [DNSOP] Re: AS112 for TLDs Mark Andrews
- Re: [DNSOP] Re: AS112 for TLDs William F. Maton Sotomayor
- Re: [DNSOP] AS112 for TLDs Edward Lewis
- Re: [DNSOP] AS112 for TLDs Mohsen Souissi
- Re: [DNSOP] AS112 for TLDs William F. Maton Sotomayor
- [DNSOP] Re: AS112 for TLDs Stephane Bortzmeyer
- Re: [DNSOP] Re: AS112 for TLDs Joe Baptista
- Re: [DNSOP] Re: AS112 for TLDs Paul Vixie
- Re: [DNSOP] Re: AS112 for TLDs Joe Baptista
- Re: [DNSOP] Re: AS112 for TLDs Mark Andrews
- Re: [DNSOP] Re: AS112 for TLDs Mark Andrews
- Re: [DNSOP] Re: AS112 for TLDs Mark Andrews
- Re: [DNSOP] Re: AS112 for TLDs Joe Baptista
- Re: [DNSOP] Re: AS112 for TLDs Mark Andrews
- Re: [DNSOP] Re: AS112 for TLDs Edward Lewis
- Re: [DNSOP] Re: AS112 for TLDs Paul Vixie
- Re: [DNSOP] Re: AS112 for TLDs Joe Baptista
- Re: [DNSOP] Re: AS112 for TLDs Mark Andrews
- Re: [DNSOP] Re: L-Root address change (Was: AS112… Florian Weimer
- [DNSOP] Re: AS112 for TLDs Stephane Bortzmeyer
- Re: [DNSOP] AS112 for TLDs Florian Weimer
- Re: [DNSOP] Re: AS112 for TLDs Florian Weimer
- Re: [DNSOP] AS112 for TLDs Sebastian Castro Avila
- Re: [DNSOP] AS112 for TLDs Edward Lewis
- Re: [DNSOP] AS112 for TLDs Sebastian Castro
- Re: [DNSOP] AS112 for TLDs William F. Maton Sotomayor
- Re: [DNSOP] AS112 for TLDs Edward Lewis
- Re: [DNSOP] AS112 for TLDs Joe Abley
- Re: [DNSOP] AS112 for TLDs Paul Vixie
- Re: [DNSOP] AS112 for TLDs Andrew Sullivan
- Re: [DNSOP] AS112 for TLDs Edward Lewis
- Re: [DNSOP] AS112 for TLDs Mark Andrews
- Re: [DNSOP] AS112 for TLDs bmanning
- Re: [DNSOP] AS112 for TLDs Mark Andrews
- Re: [DNSOP] AS112 for TLDs Andrew Sullivan
- Re: [DNSOP] AS112 for TLDs David Conrad
- Re: [DNSOP] AS112 for TLDs Andrew Sullivan
- Re: [DNSOP] AS112 for TLDs Frederico A C Neves
- Re: [DNSOP] AS112 for TLDs David Conrad
- Re: [DNSOP] AS112 for TLDs bmanning
- Re: [DNSOP] AS112 for TLDs Andrew Sullivan
- Re: [DNSOP] AS112 for TLDs David Conrad
- Re: [DNSOP] AS112 for TLDs Edward Lewis
- Re: [DNSOP] AS112 for TLDs John L. Crain
- Re: [DNSOP] AS112 for TLDs Mark Andrews
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs bmanning
- Re: [DNSOP] AS112 for TLDs Florian Weimer
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs Florian Weimer
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs Dean Anderson
- Re: [DNSOP] AS112 for TLDs Andrew Sullivan
- Re: [DNSOP] AS112 for TLDs Joe Baptista
- Re: [DNSOP] AS112 for TLDs Mark Andrews
- Re: [DNSOP] AS112 for TLDs Jaap Akkerhuis
- Re: [DNSOP] AS112 for TLDs Dean Anderson
- Re: [DNSOP] AS112 for TLDs Peter Koch
- Re: [DNSOP] AS112 for TLDs William F. Maton Sotomayor
- Re: [DNSOP] AS112 for TLDs Paul Vixie
- Re: [DNSOP] AS112 for TLDs Warren Kumari