[145290] in North American Network Operators' Group
Re: F.ROOT-SERVERS.NET moved to Beijing?
daemon@ATHENA.MIT.EDU (Martin Millnert)
Mon Oct 3 14:46:04 2011
In-Reply-To: <20111003173431.GA71928@ussenterprise.ufp.org>
Date: Mon, 3 Oct 2011 20:44:50 +0200
From: Martin Millnert <millnert@gmail.com>
To: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Leo,
On Mon, Oct 3, 2011 at 7:34 PM, Leo Bicknell <bicknell@ufp.org> wrote:
> The only way to make sure a route was correct, everywhere, would
> be to have 39,000+ probes, one on every ASN, and check the path to
> the root server. =A0Even if you had that, how do you define when any
> of the changes in 1-4 are legitimate? =A0You could DNSSEC verify to
> rule out #1, but #2-4 are local decisions made by the ASN (or one
> of its upstreams).
>
> I suppose, if someone had all 39,000+ probes, we could attempt to
> write algorythms that determined if too much "change" was happening
> at once; but I'm reminded of events like the earthquake that took
> out many asian cables a few years back. =A0There's a very real danger
> in such a system shutting down a large number of nodes during such
> an event due to the magnitude of changes which I'd suggest is the
> exact opposite of what the Internet needs to have happen in that
> event.
This sounds an awfully lot like the notary concept:
- http://perspectives-project.org/
- http://convergence.io/
Furthermore, changing network paths used to reach information probably
should not be reason to shut down a service, in general. More
interesting than which path is used, I suppose, is whether or not the
data being returned has been changed in some unexpected/undesired way.
Regards,
Martin
