[132163] in North American Network Operators' Group
Re: The i-root china reroute finally makes fox news. And congress.
daemon@ATHENA.MIT.EDU (Lindqvist Kurt Erik)
Wed Nov 17 09:43:44 2010
From: Lindqvist Kurt Erik <kurtis@kurtis.pp.se>
In-Reply-To: <C29C7F3C-D2BD-42BA-B2CB-A49B796F66FA@cisco.com>
Date: Wed, 17 Nov 2010 15:43:31 +0100
To: Baker Fred <fred@cisco.com>
Cc: nanog list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--Apple-Mail-5417-312683228
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=us-ascii
On 17 nov 2010, at 07.17, Fred Baker wrote:
>=20
>=20
> On Nov 17, 2010, at 1:08 AM, Suresh Ramasubramanian wrote:
>=20
>> =
http://www.foxnews.com/politics/2010/11/16/internet-traffic-reportedly-rou=
ted-chinese-servers/
>=20
> I have read the article and the list, and I'm puzzled. It's pretty =
clear that the root gets its records from a common source, and that the =
copies of them being delivered by a given root server were different. As =
a result, traffic intended to go place A went to place B if the TLD =
lookup happened to go to the particular root server in question. How did =
an instance of the root server find itself serving changed records? =
While there is no obvious indication of who made the change or for what =
reason, it's unlikely it was accidental.
>=20
> Not sure what Glenn Beck, Fox News, or Godwin's Law have to do with =
it. There was a technical event that resulted in misrouting of traffic, =
and while international concerns regarding it had political overtones, =
the technical event is not a political one. If it was your traffic that =
had been misrouted, you might have issued expressions of concern. So why =
respond to it with a political response?
>=20
> Sounds to me like one of the arguments for DNSSEC deployment...
Before the rumor mill get's going based on the Renesys work again, the =
article doesn't mention DNS, it mentions re-routing of traffic. I would =
like to repreat what we have said in the past.=20
As best as we can tell - no i.root-servers.net instance operated by us =
has answered incorrectly - ever. We serve the data exactly as we receive =
it from IANA.=20
When I read the article I assumed it referred to the routing leaks of =
April 8th that was also discussed on Nanog. But I haven't read the =
report, nor has anyone contacted us regarding it. Renesys has though, a =
few weeks ago contacted us to get some data from us on what happened in =
March.=20
Best regards,
- kurtis -
--Apple-Mail-5417-312683228
content-type: application/pgp-signature; x-mac-type=70674453;
name=PGP.sig
content-description: This is a digitally signed message part
content-disposition: inline; filename=PGP.sig
content-transfer-encoding: 7bit
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
iEYEARECAAYFAkzj6hQACgkQAFdZ6xrc/t7MxQCcDAezym5KnweJ6Cx1+5dvF4L3
R60AnRDWfWQ/08gObTPM9ncAaxjUHQME
=BB2V
-----END PGP SIGNATURE-----
--Apple-Mail-5417-312683228--
