[dns-operations] root server address in whois

Steve Gibbard scg at gibbard.org
Sun May 25 20:58:17 UTC 2008

The list below is a result of a bunch of renumberings over the years, so 
there's no question that how to deal with renumbering has been an issue in 
the past.  Whether it will continue to be an issue is presumably a matter 
of whether all the renumbering that needs to happen has already happened, 
or whether there's more to come.  Past performance is not a guarantee of 
future performance, and all that...

There are a few reasons why a renumbering might be necessary:

* Root server needs to be moved, anycasted, etc., and other things in the
   subnet can't.
* Political issues:  Root server needs independence from organization
   owning IP address space (whether the root server is changing operators
   or not).
* Anything else I'm missing?

Looking at the 13 root server addresses, 12 of them are being announced as 
/24.  The only other top level DNS service happening in those 12 /24s is 
DNS for .ARPA.  It may be that those networks are all sufficiently 
independent already.  The remaining one is D Root, at the University of 
Maryland.  It's still part of a campus /16.  Even if we assume its /24 
could be broken out of that /16, there are 92 hosts that responded to a 
scan of that /24, so the root server does not appear to be alone there. 
So, it looks like moving or anycasting D Root would probably require 
renumbering, but moving any of the others might not at this point.

Ed's data below appears to show that renumbering a root server for 
political control shouldn't now be necessary unless changing who the root 
operator is.

So, that leaves the issue of what happens if one of the root operators 
gets replaced.  From my understanding of the current agreements, that 
would probably require renumbering the roots.  Would the current root 
operators (aside from UMD) be willing to package their root server /24s 
with their root servers, such that if their root server gets transferred 
to another organization, the /24 will go with it, or would that be seen as 
giving up too much control?


On Fri, 23 May 2008, Edward Lewis wrote:

> Looking into the ARIN, APNIC, and RIPE whois servers, here are there
> registered organizations for the IPv4 addresses in use for the root
> servers.  In the left column are the letter and the operator
> according to www.root-servers.org.
> I took the liberty of abbreviating...
> root-servers IP address      whois entries
> A VeriSign      OrgName: VeriSign Infrastructure & Operations
> B ISI  OrgName: B.Root-Server-OPS
> C Cogent     OrgName: PSI Inc.
> D UMD     OrgName: UMD = University of Maryland
> F ISC     OrgName: ISC
> G U.S. DOD    OrgName: U.S. DoD (NIC)
> H U.S. Army     OrgName: Headquarters, USAAISC
> I Autonomica   Autonomica
> J VeriSign   OrgName: VeriSign Global Registry Services
> L ICANN     OrgName: ICANN
> M WIDE Proj    The University of Tokyo/Info-Tech Center
> A  DEFGHIJKL  = seems normal (operator and registered address holder match)
>  BC         M = not exact matches>
> The "mismatch" in C is (maybe) a matter of Cogent not updating
> (transfering) the registrations from PSI when they acquired/merged.
> For M - WIDE is a project at the University of Tokyo.
> For B - I don't know how to read that.  The whois entry doesn't mention ISI.
> It might be that the L-root incident is a one time event.  (For
> whatever little value that point is.)
> -- 
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
> Edward Lewis                                                +1-571-434-5468
> NeuStar
> Never confuse activity with progress.  Activity pays more.
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.oarci.net
> http://lists.oarci.net/mailman/listinfo/dns-operations

More information about the dns-operations mailing list