root name servers

Havard.Eidnes at Havard.Eidnes at
Wed Aug 2 18:54:57 UTC 1995

> The whole point of hijacking the root domain servers is that it
> turns DNS from a centralised system into a more distributed
> system where cooperation is essential.

Umm, let me see if I can phrase this gently....

This whole idea of hijacking the root domain must be one of the
ideas I've seen recently which is fully at odds with one of the
major points of what I perceive the Internet is all about.

If you decide to set up your own group of root name servers with
a different naming and registration policy than the current root,
you are of course free to do so (nothing will prevent you).
However, this will create a totally separate DNS name space from
the single name space we have today.  If I am not much mistaken,
a given name server *cannot* look up names in more than a single
name space, so you end up creating two different "universes".
Depending on how you populate your local name server's cache with
root name server hint information, your name server will either
end up being able to look up names in one or the other of these
two separate name spaces but not both.  (Yes, there are
"technical reasons" with the current DNS protocol that make this
so, if I've not totally misunderstood things.)

Aside from causing massive confusion (people really do have a
hard enough time figuring out how to configure DNS semi-
correctly with only a single name space at hand), this conflicts
with the goal of *connectivity*, i.e. that I am able to e.g. send
e-mail to anyone else who is connected.  With two or more
(shudder) separate name spaces I will claim that this will not in
practice be possible.

The "distributed system where cooperation is essential" is what
we have today: you pick your name (which isn't already taken)
under a given other name, have it delegated to you and thereafter
you have full autonomy over your own name space.  The
"cooperation (which) is essential" is what the current caretakers
of the root name servers are doing today.  1/2 ;-)

Sorry, I do not see how you can both "hijack the root name
servers" and acheive full connectivity.  If you want to sacrifice
full connectivity (or an approximation thereof), you are of
course free to go ahead and see how large a following you could


- Håvard

More information about the NANOG mailing list