quietly....

David Conrad drc at virtualized.org
Mon Feb 14 04:57:12 UTC 2011


On Feb 13, 2011, at 2:49 PM, Joel Jaeggli wrote:
>> Ignoring historical mistakes, what would they be?
> gosh, I can't imagine why anyone would want to renumber out of 198.32.64.0/24...

I guess you missed the part where I said "Ignoring historical mistakes".

> making them immutable pretty much insures that you'll then find a reason to do so.

The fact that ICANN felt it necessary to renumber into a new prefix is a perfect example of why having golden addresses for the DNS makes sense.  If the root server addresses had been specified in an RFC or somesuch, there would be no question about address "ownership".

> There are plenty of cautionary tales to be told about well-known addresses.

As I'm sure you're aware, the DNS is a bit unique in that it can't use the DNS to bootstrap.  It requires a set of pre-configured addresses to function. Changing one of those pre-configured addresses requires changing the hints file in every resolver on the Internet, which takes a very long time (I'm told that a root server address changed over a decade ago still receives more than 10 priming queries per second). It also means the former root server address is forever poisoned -- you don't want to give that address to someone who might use it to set up a bogus root server. It was hard enough when there were just a couple of DNS resolver vendors, now there are more than a few.

> assuming that for the sake of the present that we forsake future flexibility then sure golden addresses are great.

It isn't clear to me what flexibility would be sacrificed, but it is academic. Unfortunately, it'll likely take some traumatic event for the status quo to change.

Regards,
-drc
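
The stale-hints problem described in the message above, as an added example that is not part of the original post: a small Python audit that parses a resolver's root hints file and flags any address that falls inside a retired prefix. The hints content, the `.EXAMPLE` names and the host addresses are constructed for illustration; only 198.32.64.0/24 comes from the thread.

```python
import ipaddress

# Retired root-server prefixes to flag. 198.32.64.0/24 is the prefix named in
# the thread; extend this list from your own records (assumption).
RETIRED_PREFIXES = [ipaddress.ip_network("198.32.64.0/24")]

# Constructed sample in root-hints (zone file) format. Names and addresses
# are illustrative and are not taken from a real hints file.
SAMPLE_HINTS = """\
; constructed sample hints file
.                        3600000      NS    A.ROOT.EXAMPLE.
A.ROOT.EXAMPLE.          3600000      A     192.0.2.4
A.ROOT.EXAMPLE.          3600000      AAAA  2001:db8::4
.                        3600000      NS    L.ROOT.EXAMPLE.
L.ROOT.EXAMPLE.          3600000  IN  A     198.32.64.200
"""

def parse_hints(text):
    """Yield (owner, rrtype, address) for each A/AAAA record in a hints file."""
    for raw in text.splitlines():
        fields = raw.split(";", 1)[0].split()  # drop comments, tokenize
        if len(fields) < 3:
            continue
        owner, rrtype, rdata = fields[0], fields[-2].upper(), fields[-1]
        if rrtype not in ("A", "AAAA"):
            continue  # NS and other record types carry no address
        try:
            addr = ipaddress.ip_address(rdata)
        except ValueError:
            continue  # malformed address: skip rather than guess
        yield owner.lower(), rrtype, addr

def stale_hints(text, retired=RETIRED_PREFIXES):
    """Return hint records whose address falls inside a retired prefix."""
    return [
        (owner, rrtype, str(addr))
        for owner, rrtype, addr in parse_hints(text)
        for net in retired
        if addr.version == net.version and addr in net
    ]

if __name__ == "__main__":
    for owner, rrtype, addr in stale_hints(SAMPLE_HINTS):
        print(f"STALE {owner} {rrtype} {addr}")
```

Run against the hints file each resolver actually loads, a non-empty result means that resolver still sends priming queries to an address the root operator no longer controls.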





