lists-nanog at silverwraith.com
Fri May 30 21:08:51 UTC 2003
On Fri, May 30, 2003 at 01:28:01PM -0700, Mike Damm wrote:
> Counter: leave everything as it is. If they are willing to provide the
> hardware, bandwidth, and administrative costs to run root servers, they can
> block whoever they want. Just like if you run a web server you can block
> anyone from accessing it that you want. If you don't like it, start up your
> own root zone, there isn't anything stopping you.
> Not that it matters much in the big scheme of things; most modern resolvers
> will give preference to root servers they can actually reach.
> I for one am pretty happy with where E, G, and H are. Cogent and VeriSign's
> networks can hardly handle power cycles, let alone nuclear wars.
You're either smoking the finest quality crack I've ever seen, or using
the common sense of a flea on dope.
RFC2870, Root Name Server Operational Requirements, quite clearly
2.6 Root servers MUST answer queries from any internet host, i.e. may
not block root name resolution from any valid IP address, except
in the case of queries causing operational problems, in which
case the blocking SHOULD last only as long as the problem, and be
as specific as reasonably possible.
I highly doubt that the maintainers of the two .mil hosted servers are
actually blocking queries from them.
In fact, this is very much like saying Mr Vixie and the ISC cannot block
people accessing the remainder of their network, just because they host
a root name server.
Yes, I think I go with the smoking crack option.
More information about the NANOG