[81965] in North American Network Operators' Group

home help back first fref pref prev next nref lref last post

Re: The whole alternate-root ${STATE}horse (was Re: Enable BIND cache server to resolve chinese domain name?)

daemon@ATHENA.MIT.EDU (Jay R. Ashworth)
Fri Jul 8 15:24:11 2005

Date: Tue, 5 Jul 2005 09:40:39 -0400
From: "Jay R. Ashworth" <jra@baylink.com>
To: nanog@nanog.org
In-Reply-To: <200507050514.j655EAZ2032516@turing-police.cc.vt.edu>; from Valdis.Kletnieks@vt.edu on Tue, Jul 05, 2005 at 01:14:08AM -0400
Errors-To: owner-nanog@merit.edu


On Tue, Jul 05, 2005 at 01:14:08AM -0400, Valdis.Kletnieks@vt.edu wrote:
> On Mon, 04 Jul 2005 22:32:52 EDT, "Jay R. Ashworth" said:
> > Well, Steve; that reply is a *little* disingenuous: all of the
> > alternative root zones and root server clusters that *I'm* aware of
> > track the ICANN root, except in the rare instances where there are TLD
> > collisions.
> 
> And *that* is just a tad disingenuous itself. If you have 1 alternate
> root that tracks ICANN's dozen-ish TLDs and the country-code TLDs, and
> then adds 2-3 dozen of its own, there's little room for amusement.
> If however, you have a Turkish root that tracks ICANN's dozen, and
> then adds 50 or 60 of its own, and a Chinese root that tracks ICANN's
> dozen, and then adds 75 or 100 of its own, it becomes interesting to
> watch a Turkish user try to reach one of those 75 Chinese TLDs, or the
> Chinese user try to reach one of the 50 Turkish additions, or either
> of those users trying to reach the *.special-sauce domain the first
> alternate root created.
>
> A collision isn't the only failure mode to worry about....

And I didn't say it was, Valdis.  I am fairly familiar with the
potential problems of conflicting root zones, and, to date, I observe
that -- in general -- they have fairly consistently failed to occur.

Indeed, though, if governments get into the act, things are more likely
to get broken.

But Steve appeared to be suggesting that there was no reasonable way to
*avoid* problems -- and that's clearly not the case. If I misinterpreted
Steve, no doubt he'll correct me.  But there are two fairly prominent,
widely operated alternate root zones out there, ORSC, and P-R, which
don't collide as far as I know, and between them probably account for a
large percentage of the .01% of networks resolving off of non-ICANN
roots.  Seems to me any country wanting to build an alternate ccTLD and
choosing one which is available in both those roots and not known to be
planned as an active TLD at ICANN would be in pretty good shape.

And don't most of us consider ourselves engineering types here?  You
deal with what *is*, not what you'd *like* to be.  Sure, multiple, only
informally synchronized roots aren't the best state of affairs.

But they don't exist simply because one guy thought it would be cool;
this isn't Joe's Bar and Root Zone we're talking about here...

Cheers,
-- jra
-- 
Jay R. Ashworth                                                jra@baylink.com
Designer                +-Internetworking------+----------+           RFC 2100
Ashworth & Associates   |  Best Practices Wiki |          |            '87 e24
St Petersburg FL USA    http://bestpractices.wikicities.com    +1 727 647 1274

      If you can read this... thank a system administrator.  Or two.  --me

home help back first fref pref prev next nref lref last post