F.ROOT-SERVERS.NET moved to Beijing?

Martin Millnert millnert at gmail.com
Mon Oct 3 13:44:50 CDT 2011


Leo,

On Mon, Oct 3, 2011 at 7:34 PM, Leo Bicknell <bicknell at ufp.org> wrote:
> The only way to make sure a route was correct, everywhere, would
> be to have 39,000+ probes, one on every ASN, and check the path to
> the root server.  Even if you had that, how do you define when any
> of the changes in 1-4 are legitimate?  You could DNSSEC verify to
> rule out #1, but #2-4 are local decisions made by the ASN (or one
> of its upstreams).
>
> I suppose, if someone had all 39,000+ probes, we could attempt to
> write algorythms that determined if too much "change" was happening
> at once; but I'm reminded of events like the earthquake that took
> out many asian cables a few years back.  There's a very real danger
> in such a system shutting down a large number of nodes during such
> an event due to the magnitude of changes which I'd suggest is the
> exact opposite of what the Internet needs to have happen in that
> event.

This sounds an awfully lot like the notary concept:
 - http://perspectives-project.org/
 - http://convergence.io/

Furthermore, changing network paths used to reach information probably
should not be reason to shut down a service, in general.  More
interesting than which path is used, I suppose, is whether or not the
data being returned has been changed in some unexpected/undesired way.

Regards,
Martin



More information about the NANOG mailing list