Re: Advisory — D-root is changing its IPv4 address on the 3rd of January.

Joe Abley jabley at hopcount.ca
Fri Dec 14 17:13:49 UTC 2012


Hi Michael,

On 2012-12-14, at 11:59, Michael Thomas <mike at mtcc.com> wrote:

> Matthew Newton wrote:
>> On Fri, Dec 14, 2012 at 04:42:46PM +0000, Nick Hilliard wrote:
>>> On 13/12/2012 22:54, Jason Castonguay wrote:
>>>> Advisory — D-root is changing its IPv4 address on the 3rd of January.
>>> You've just given 3 weeks notice for a component change in one of the few
>>> critical part of the Internet's infrastructure, at a time when most
>> I think that /was/ the advance notification - you've got 6 months :)
>> "The old address will continue to work for at least six months
>>  after the transition, but will ultimately be retired from
>>  service."
> 
> So really stupid question, and hopefully it's just me, do I need to do something
> on my servers?

When nameservers first boot, all they have is a hints file. This is either baked in to the software, or provided as a "hints file", or some combination. The hints file you have today will have the current/outgoing D-Root address.

The first thing a resolver does before it is ready for service, again, armed only with the hints file, is to send a priming query to a root server. This query is of the form ". IN NS?". Resolvers will try servers from the hints file until they get a response. Once the priming response is received, the data originally harvested from the hints file can be thrown away.

Once D-Root renumbers, a freshly booted resolver with an old hints file will either:

 - send a priming query to one of A, B, C, E, F, G, H, I, J, K, L, M, and obtain a response that contains the new D-Root address
 - send a priming query to the old D-Root v4 address, and also obtain a response that contains the new D-Root address

Once service is discontinued on the current/outgoing D-Root address, such a resolver might fail to obtain a response to its priming query if it happens to try the D/v4 address first. It will re-try with a different address until it succeeds. In principle, you only need one reachable address in the hints file to work to get up and running.

In summary, theory (and practice) tells us that:

1. You should update your hints file from time to time, and

2. If you don't, chances are overwhelmingly good that it will make no difference, and everything will work as normal.


Joe




More information about the NANOG mailing list