[dns-operations] root server address in whois
scg at gibbard.org
Sun May 25 20:58:17 UTC 2008
The list below is a result of a bunch of renumberings over the years, so
there's no question that how to deal with renumbering has been an issue in
the past. Whether it will continue to be an issue is presumably a matter
of whether all the renumbering that needs to happen has already happened,
or whether there's more to come. Past performance is not a guarantee of
future performance, and all that...
There are a few reasons why a renumbering might be necessary:
* Root server needs to be moved, anycasted, etc., and other things in the
* Political issues: Root server needs independence from organization
owning IP address space (whether the root server is changing operators
* Anything else I'm missing?
Looking at the 13 root server addresses, 12 of them are being announced as
/24. The only other top level DNS service happening in those 12 /24s is
DNS for .ARPA. It may be that those networks are all sufficiently
independent already. The remaining one is D Root, at the University of
Maryland. It's still part of a campus /16. Even if we assume its /24
could be broken out of that /16, there are 92 hosts that responded to a
scan of that /24, so the root server does not appear to be alone there.
So, it looks like moving or anycasting D Root would probably require
renumbering, but moving any of the others might not at this point.
Ed's data below appears to show that renumbering a root server for
political control shouldn't now be necessary unless changing who the root
So, that leaves the issue of what happens if one of the root operators
gets replaced. From my understanding of the current agreements, that
would probably require renumbering the roots. Would the current root
operators (aside from UMD) be willing to package their root server /24s
with their root servers, such that if their root server gets transferred
to another organization, the /24 will go with it, or would that be seen as
giving up too much control?
On Fri, 23 May 2008, Edward Lewis wrote:
> Looking into the ARIN, APNIC, and RIPE whois servers, here are there
> registered organizations for the IPv4 addresses in use for the root
> servers. In the left column are the letter and the operator
> according to www.root-servers.org.
> I took the liberty of abbreviating...
> root-servers IP address whois entries
> A VeriSign 22.214.171.124 OrgName: VeriSign Infrastructure & Operations
> B ISI 126.96.36.199 OrgName: B.Root-Server-OPS
> C Cogent 188.8.131.52 OrgName: PSI Inc.
> D UMD 184.108.40.206 OrgName: UMD = University of Maryland
> E NASA ARC 220.127.116.11 OrgName: NASA
> F ISC 18.104.22.168 OrgName: ISC
> G U.S. DOD 22.214.171.124 OrgName: U.S. DoD (NIC)
> H U.S. Army 126.96.36.199 OrgName: Headquarters, USAAISC
> I Autonomica 188.8.131.52 Autonomica
> J VeriSign 184.108.40.206 OrgName: VeriSign Global Registry Services
> K RIPE-NCC 220.127.116.11 RIPE NCC
> L ICANN 18.104.22.168 OrgName: ICANN
> M WIDE Proj 22.214.171.124 The University of Tokyo/Info-Tech Center
> A DEFGHIJKL = seems normal (operator and registered address holder match)
> BC M = not exact matches>
> The "mismatch" in C is (maybe) a matter of Cogent not updating
> (transfering) the registrations from PSI when they acquired/merged.
> For M - WIDE is a project at the University of Tokyo.
> For B - I don't know how to read that. The whois entry doesn't mention ISI.
> It might be that the L-root incident is a one time event. (For
> whatever little value that point is.)
> Edward Lewis +1-571-434-5468
> Never confuse activity with progress. Activity pays more.
> dns-operations mailing list
> dns-operations at lists.oarci.net
More information about the dns-operations