.mil domain root only hosted by one server??
Vinny Abello
vinny at tellurian.com
Wed Aug 21 20:09:21 UTC 2002
Ooops... My apologies (before I get slammed). I forgot the query type of NS
in my dig.
; <<>> DiG 9.2.1 <<>> @a.root-servers.net ns mil.
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41
;; flags: qr aa rd; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 11
;; QUESTION SECTION:
;mil. IN NS
;; ANSWER SECTION:
mil. 86400 IN NS E.ROOT-SERVERS.NET.
mil. 86400 IN NS PAC2.NIPR.mil.
mil. 86400 IN NS CON1.NIPR.mil.
mil. 86400 IN NS B.ROOT-SERVERS.NET.
mil. 86400 IN NS A.ROOT-SERVERS.NET.
mil. 86400 IN NS EUR1.NIPR.mil.
mil. 86400 IN NS PAC1.NIPR.mil.
mil. 86400 IN NS H.ROOT-SERVERS.NET.
mil. 86400 IN NS G.ROOT-SERVERS.NET.
mil. 86400 IN NS CON2.NIPR.mil.
mil. 86400 IN NS EUR2.NIPR.mil.
;; ADDITIONAL SECTION:
E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10
PAC2.NIPR.mil. 86400 IN A 199.252.155.234
CON1.NIPR.mil. 86400 IN A 199.252.175.234
B.ROOT-SERVERS.NET. 3600000 IN A 128.9.0.107
A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4
EUR1.NIPR.mil. 86400 IN A 199.252.154.234
PAC1.NIPR.mil. 86400 IN A 199.252.180.234
H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53
G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4
CON2.NIPR.mil. 86400 IN A 199.252.173.234
EUR2.NIPR.mil. 86400 IN A 199.252.143.234
;; Query time: 500 msec
;; SERVER: 198.41.0.4#53(a.root-servers.net)
;; WHEN: Wed Aug 21 16:07:56 2002
;; MSG SIZE rcvd: 412
That's better. :) Go back to your regularly scheduled threads.
At 03:04 PM 8/21/2002 -0500, you wrote:
>On Wed, Aug 21, 2002 at 03:46:22PM -0400, Vinny Abello wrote:
> >
> > I just stumbled across something I thought was interesting. All the .mil
> > domain names used by the U.S. Military are served by one single root
> > server. I thought that was a bit odd. I'm sure that one server is more
> than
> > enough to handle the queries for all the .mil domains with no problem, but
> > it doesn't seem very redundant or safe at all. Especially for something
> our
> > military uses. There's something that could be beefed up a little bit. My
> > other thought (which others may know) was that perhaps the military runs
> > G.ROOT-SERVERS.NET and I'm just not aware of it. Maybe it's a policy to
> > only run .mil on what they can control? Even still, I think it might be in
> > their best interest to setup a few more.
> >
> > These are the results I got when I queried A.ROOT-SERVERS.NET:
> >
> > ; <<>> DiG 9.2.1 <<>> @a.root-servers.net mil.
> > ;; global options: printcmd
> > ;; Got answer:
> > ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41
> > ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
> >
> > ;; QUESTION SECTION:
> > ;mil. IN A
> >
> > ;; AUTHORITY SECTION:
> > mil. 86400 IN SOA G.ROOT-SERVERS.NET.
> > HOSTMASTER.N
> > IC.mil. 2002082000 3600 900 1209600 86400
> >
>Ummmm. The SOA MNAME field is always a single server.
>
>bastet[~]$ dig +short mil ns @g.root-servers.net
>PAC1.NIPR.mil.
>H.ROOT-SERVERS.NET.
>G.ROOT-SERVERS.NET.
>CON2.NIPR.mil.
>EUR2.NIPR.mil.
>E.ROOT-SERVERS.NET.
>PAC2.NIPR.mil.
>CON1.NIPR.mil.
>B.ROOT-SERVERS.NET.
>A.ROOT-SERVERS.NET.
>EUR1.NIPR.mil.
>bastet[~]$
>
>-Pete
Vinny Abello
Network Engineer
Server Management
vinny at tellurian.com
(973)300-9211 x 125
(973)940-6125 (Direct)
PGP Key Fingerprint: 3BC5 9A48 FC78 03D3 82E0 E935 5325 FBCB 0100 977A
Tellurian Networks - The Ultimate Internet Connection
http://www.tellurian.com (888)TELLURIAN
More information about the NANOG
mailing list