Re: Local root zone (Was NYTimes: Egypt Leaders Found ‘Off’ Switch for Internet)

Wed Feb 16 21:25:13 UTC 2011

I don't think that the Egyptian shutdown of domain names had much effect; that's why the bgp prefixes were withdrawn. What was effective was the withdrawal of BGP prefixes.

http://www.renesys.com/blog/2011/01/egypt-leaves-the-internet.shtml notes, for example, that routes *through* Egypt were operational, but routes through the same fiber and the same routers *to* Egypt were non-functional.

https://labs.ripe.net/Members/akvadrako/live_eqyptian_internet_incident_analysis pretty clearly states that "prefixes associated with Egyptian ISPs were withdrawn".

On Feb 16, 2011, at 11:50 AM, Franck Martin wrote:

> 
> 
> ----- Original Message -----
>> From: "Martin Millnert" <millnert at gmail.com>
>> To: "Marshall Eubanks" <tme at americafree.tv>
>> Cc: "North American Network Operators Group" <nanog at nanog.org>
>> Sent: Thursday, 17 February, 2011 8:28:22 AM
>> Subject: Re: NYTimes: Egypt Leaders Found ‘Off’ Switch for Internet
>> On Wed, Feb 16, 2011 at 9:09 AM, Marshall Eubanks <tme at americafree.tv>
>> wrote:
>>> 
>>> On Feb 16, 2011, at 12:15 AM, Joly MacFie wrote:
>>> 
> "
>> 
>> Operating local IRC networks is good, as is having local OS mirrors,
>> such as Debian/Ubuntu and let's not forget, having a resilient DNS
>> configuration (root zone copy hint 101: "dig @k.root-servers.net. .
>> axfr"). A securely distributed
> 
> Would it make sense for an ISP to "store" the root zone on their DNS servers instead of letting it be refreshed by the DNS cache? A cron job could refresh it from time to time. It would avoid entries from expiring and would always serve to clients entries with max ttl?
> 
> A root server would be better, but that could be an intermediary step?
> 
> Just speaking out loud here, so it may be total non-sense...
> 