New addresses for b.root-servers.net

• Previous message (by thread): New addresses for b.root-servers.net
• Next message (by thread): New addresses for b.root-servers.net
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 6/17/23 7:12 AM, Tom Beecher wrote:
> Bill-
> 
>     Don't say, "We'll keep it up for as long as we feel like it, but at
>     least a year." That's crap.
> 
> 
> 30% of the root servers have been renumbered in the last 25 years.
> 
> h : 2015
> d: 2013
> l : 2007
> j : 2002
> 
> For these 4 cases, only a 6 month transition time was provided, and the internet as we know it did 
> not fall over in a flaming pile. ( One could argue it was ALREADY a flaming pile, but that's a 
> different discussion.)

There’s a huge difference between “no one noticed any issues because recursive resolvers will 
seamlessly fall back to other root servers if there’s an outage” and “there aren’t issues”.

For non-DNSSEC-verifying-resolvers (sheesh, but they still exist), if the IPs are eventually 
released and someone stands up a DNS server on them you could cause real harm.

Does this need to be over-engineered to prevent that? No, though doing a few tricks to help the poor 
folks on unmaintained recursive resolvers isn’t bad either.

But lack of visible issues doesn’t mean that users aren’t put at risk. That said, I have no idea if 
the old number resources were released or no longer announced in the DFZ after the previous 
renumbers, which would really be the point at which concern is warranted, not simply no longer 
responding.

Matt

• Previous message (by thread): New addresses for b.root-servers.net
• Next message (by thread): New addresses for b.root-servers.net
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]