[132150] in North American Network Operators' Group
Re: The i-root china reroute finally makes fox news. And congress.
daemon@ATHENA.MIT.EDU (David Conrad)
Wed Nov 17 01:46:55 2010
From: David Conrad <drc@virtualized.org>
In-Reply-To: <C29C7F3C-D2BD-42BA-B2CB-A49B796F66FA@cisco.com>
Date: Tue, 16 Nov 2010 20:46:44 -1000
To: Fred Baker <fred@cisco.com>
Cc: nanog list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Nov 16, 2010, at 8:17 PM, Fred Baker wrote:
>> =
http://www.foxnews.com/politics/2010/11/16/internet-traffic-reportedly-rou=
ted-chinese-servers/
>=20
> I have read the article and the list, and I'm puzzled. It's pretty =
clear that the root gets its records from a common source, and that the =
copies of them being delivered by a given root server were different.
Hard to decipher what the Fox report is actually talking about, but I =
suspect it relates to =
http://www.renesys.com/blog/2010/06/two-strikes-i-root.shtml
> Not sure what Glenn Beck, Fox News, or Godwin's Law have to do with =
it. There was a technical event that resulted in misrouting of traffic, =
and while international concerns regarding it had political overtones, =
the technical event is not a political one. If it was your traffic that =
had been misrouted, you might have issued expressions of concern. So why =
respond to it with a political response?
As for political vs. technical, it feels (particularly given the Fox =
report is sourced from a paper on US-China relations) like yet more =
cyber war drum beating, but that might just be me.
> Sounds to me like one of the arguments for DNSSEC deployment...
DNSSEC would let you know something odd happened (if you're doing a DNS =
lookup, have validation turned on, and can tell the difference between =
SERVFAIL generated stub resolver timeout and a random Internet =
brokenness), although it doesn't really give you any tools to fix it. =
What really needs to be fixed is "routing by rumor".
Regards,
-drc
