Re: Advisory — D-root is changing its IPv4 address on the 3rd of January.

Joe Abley jabley at hopcount.ca
Fri Dec 14 19:02:31 UTC 2012


On 2012-12-14, at 13:17, Joe Antkowiak <antkojm1 at gmail.com> wrote:

> On Fri, Dec 14, 2012 at 11:56 AM, Jay Ashworth <jra at baylink.com> wrote:
> 
>> Quite so: UMD: Where will the old IP route after the 6 month period is
>> complete?  Somewhere safe?
>> 
>> In point of fact, ISTM that there *is no way* to make this completely safe;
>> granted that it's a low percentage attack, and thus probably not useful
>> to actual attackers, but the possibility exists that someone could hijack
>> that block at a provider level, and provide their own replacement for that
>> old server IP.
>> 
> 
> This is an extremely good point...   Where will the former addresses be
> going after this?

As I understand it (but ask UMD!)

 - D-Root is currently numbered out of a general-purpose UMD /16 into a dedicated, specifically-assigned /24
 - the UMD /16 is not going anywhere

The announcement is that D-Root is being renumbered, not that UMD is renumbering its whole network.

Other root servers have renumbered out of institutional, general-purpose networks into dedicated networks in the past. I think the last one was B-Root in 2004, from an address within 128.9.0.0/16 to an address within 192.228.79.0/24 (see <http://www.root-servers.org/news/new-ip-b.html>).

> I'm sure someone's thought about that though...I hope.


Joe


More information about the NANOG mailing list