Concern about gTLD servers in India

• Previous message (by thread): AT&T home DSL IPv6 configuration?
• Next message (by thread): Concern about gTLD servers in India
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello everyone,


Greetings from India. I hope lot of you have enjoyed APRICOT event at New
Delhi.

I wanted to bring an important issue. It's about DNS root servers in India.

So

anurag at laptop:~$ dig . ns +short
i.root-servers.net.
e.root-servers.net.
j.root-servers.net.
l.root-servers.net.
k.root-servers.net.
d.root-servers.net.
h.root-servers.net.
f.root-servers.net.
m.root-servers.net.
c.root-servers.net.
a.root-servers.net.
g.root-servers.net.
b.root-servers.net.


I can see India has 3 root servers hosting root zone - i, j & k in India
which is good. So we can resolve the root zone i.e dot within India.

Next, looking gTLD servers used by popular TLDs like com/net/org:

anurag at laptop:~$ dig com. ns +short
g.gtld-servers.net.
f.gtld-servers.net.
a.gtld-servers.net.
h.gtld-servers.net.
e.gtld-servers.net.
d.gtld-servers.net.
j.gtld-servers.net.
i.gtld-servers.net.
c.gtld-servers.net.
m.gtld-servers.net.
l.gtld-servers.net.
k.gtld-servers.net.
b.gtld-servers.net.


None of these gTLD root servers are in India. I have tested routes to each
of them from BSNL (AS9829), Tata Comm (AS4755 & AS6453), Airtel (AS9498) -
all land up outside India - most of them in Europe and US, and couple of
them in Singapore, and one in Australia. Why so? Please correct me if I am
wrong on this analysis but this seems not efficient setup to me. Any damage
on outside connectivity (which is common with Earthquakes or ships hitting
submarine fiber, and eventually opposite route getting chocked with
traffic) - can cause huge issues on sites which are hosted within India.



And so this is how google.com is resolved in India:

anurag at laptop:~$ dig google.com +trace

; <<>> DiG 9.7.1-P2 <<>> google.com +trace
;; global options: +cmd
. 11352 IN NS i.root-servers.net.
. 11352 IN NS e.root-servers.net.
. 11352 IN NS j.root-servers.net.
. 11352 IN NS l.root-servers.net.
. 11352 IN NS k.root-servers.net.
. 11352 IN NS d.root-servers.net.
. 11352 IN NS h.root-servers.net.
. 11352 IN NS f.root-servers.net.
. 11352 IN NS m.root-servers.net.
. 11352 IN NS c.root-servers.net.
. 11352 IN NS a.root-servers.net.
. 11352 IN NS g.root-servers.net.
. 11352 IN NS b.root-servers.net.
;; Received 228 bytes from 8.8.8.8#53(8.8.8.8) in 57 ms

com. 172800 IN NS a.gtld-servers.net.
com. 172800 IN NS b.gtld-servers.net.
com. 172800 IN NS c.gtld-servers.net.
com. 172800 IN NS d.gtld-servers.net.
com. 172800 IN NS e.gtld-servers.net.
com. 172800 IN NS f.gtld-servers.net.
com. 172800 IN NS g.gtld-servers.net.
com. 172800 IN NS h.gtld-servers.net.
com. 172800 IN NS i.gtld-servers.net.
com. 172800 IN NS j.gtld-servers.net.
com. 172800 IN NS k.gtld-servers.net.
com. 172800 IN NS l.gtld-servers.net.
com. 172800 IN NS m.gtld-servers.net.
;; Received 491 bytes from 128.63.2.53#53(h.root-servers.net) in 264
ms  - Hitting
outside root server, but anyways alternate i,j,k are up in India so good
overall.

google.com. 172800 IN NS ns2.google.com.
google.com. 172800 IN NS ns1.google.com.
google.com. 172800 IN NS ns3.google.com.
google.com. 172800 IN NS ns4.google.com.
;; Received 164 bytes from 192.5.6.30#53(a.gtld-servers.net) in 315 ms
- Hitting
outside server and it will always hit outside since no server here. Problem.

google.com. 300 IN A 173.194.36.3
google.com. 300 IN A 173.194.36.4
google.com. 300 IN A 173.194.36.0
google.com. 300 IN A 173.194.36.2
google.com. 300 IN A 173.194.36.8
google.com. 300 IN A 173.194.36.1
google.com. 300 IN A 173.194.36.5
google.com. 300 IN A 173.194.36.7
google.com. 300 IN A 173.194.36.6
google.com. 300 IN A 173.194.36.14
google.com. 300 IN A 173.194.36.9
;; Received 204 bytes from 216.239.32.10#53(ns1.google.com) in 305 ms





Also, looking at reverse DNS root servers:

anurag at laptop:~$ dig in-addr.arpa. ns +short
a.in-addr-servers.arpa.
b.in-addr-servers.arpa.
c.in-addr-servers.arpa.
d.in-addr-servers.arpa.
e.in-addr-servers.arpa.
f.in-addr-servers.arpa.



Again, none of these hosted in India. So for each email sent within any
domains across India - during smtp check, rDNS is resolved from outside
world? (SMTP auth. being one of mail roles of rDNS besides few others). I
have collected data about paths from popular Indian backbones to each of
these servers. If anyone interested, please let me know.


*Sidenote: I know NANOG is primarily for North America but I
really appreciate good replies and was wondering if someone can tell me if
my understanding is wrong.*

Very much interested in hearing comments from community on this.


Thanks.

-- 

Anurag Bhatia
anuragbhatia.com
or simply - http://[2001:470:26:78f::5] if you are on IPv6 connected
network!

Twitter: @anurag_bhatia <https://twitter.com/#!/anurag_bhatia>
Linkedin: http://linkedin.anuragbhatia.com

• Previous message (by thread): AT&T home DSL IPv6 configuration?
• Next message (by thread): Concern about gTLD servers in India
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]