F.ROOT-SERVERS.NET moved to Beijing?
millnert at gmail.com
Mon Oct 3 13:44:50 CDT 2011
On Mon, Oct 3, 2011 at 7:34 PM, Leo Bicknell <bicknell at ufp.org> wrote:
> The only way to make sure a route was correct, everywhere, would
> be to have 39,000+ probes, one on every ASN, and check the path to
> the root server. Even if you had that, how do you define when any
> of the changes in 1-4 are legitimate? You could DNSSEC verify to
> rule out #1, but #2-4 are local decisions made by the ASN (or one
> of its upstreams).
> I suppose, if someone had all 39,000+ probes, we could attempt to
> write algorythms that determined if too much "change" was happening
> at once; but I'm reminded of events like the earthquake that took
> out many asian cables a few years back. There's a very real danger
> in such a system shutting down a large number of nodes during such
> an event due to the magnitude of changes which I'd suggest is the
> exact opposite of what the Internet needs to have happen in that
This sounds an awfully lot like the notary concept:
Furthermore, changing network paths used to reach information probably
should not be reason to shut down a service, in general. More
interesting than which path is used, I suppose, is whether or not the
data being returned has been changed in some unexpected/undesired way.
More information about the NANOG