who are the root server operators?

Paul Vixie vixie at vix.com
Mon Nov 4 18:39:15 UTC 2002


> > If the roots are once again under attack - how will the root server
> > operators be contacted by a frustrated isp who can't resolve.

as valdis points out, 12 operators getting e-mail from 12,000 frustrated isp's
is probably not the best way to do this kind of notification.  as to who the
root server operators are, http://root-servers.org/ has a list.  valdis writes:

> And remember - Paul Vixie has shown that 10% of the inbound traffic at
> c.root-server.net is bogus rfc1918 sourced.  Making the addresses public
> will serve as a DDoS vector against the root operators....

moreover, duane wessels came to eugene last week to tell us that only 2.1%
of the queries hitting F-root were valid.  there's got to be a way to make
that better.

here's a question.  is your authoritative name server set up properly?  by
that i mean: (1) is recursion disabled, and is it listed only in NS RR's,
never in resolv.conf or dhcpd.conf files?  (2) is fetch-glue disabled (or
if not, does your firewall permit F-root to answer your sysqueries?)  
-- 
Paul Vixie



More information about the NANOG mailing list