[dns-operations] The (very) uneven distribution of DNS root servers on the Internet

[David Conrad]

Joe,

On May 16, 2012, at 5:52 PM, Joe Abley wrote:
> The point was the importance of knowing who the stealth slaves are, if any coordinated measurement of the root system is going to be possible.

Even ignoring folks who slave the zone now, is coordinated measurement of the root system realistically possible today given the business/political/philosophical environments of the root operators? This is not a rhetorical question. My impression is that we already do (a form of) sampling to obtain measurements.  I don't think this would change.

> This was the line of reasoning that led to you suggesting that perhaps people could slave with a TSIG key under a contract with someone.

Perhaps a bit pedantic, but "agreement" does not necessarily mean "contract".  As I said, there are numerous potential models here -- I did not mean to imply a contractual model was required or even necessarily desirable.

>> In the sense that you would be less dependent on entities outside of your control. If you slave the root, you (objectively) operate autonomously of any events that might occur to the root servers.
> Well, you're dependent on whoever you transfer the zone from.

Timeframes of dependence are obviously orders of magnitude different.

> All the possible outcomes I can think of that lie in this direction winds up with pockets of broken DNS due to infrastructure that none of the current operators can identify, and failures that affect only a subset of users so that a fix is not necessarily obvious.

I believe the days in which people could set up a DNS server and forget about it are past due to DNSSEC so I guess I see this as a self-correcting problem.  If a slave breaks root resolution for whatever reason, I would think the slave will be incentivized to fix it in order to stop their support lines getting saturated. If the slave is unwilling/unable to fix it, there's always 8.8.8.8 (etc).  

>> In any event, this isn't either/or, particularly since folks can and do slave the root today.  The question is how can we improve root service and/or address (perhaps non-technical) concerns folks have regarding that service in the most effective/efficient way. 
> I agree that's the question. I guess it's probably clear to you that the suggested alternative seems worse than what we have, to me.

As a member of the secret handshake society, this is not surprising (joking!).

More seriously, I acknowledge the risks associated with decentralization, however I do believe the benefits outweigh those risks. Unless/until all the root servers turn off zone transfer, ICANN decommissions their zone transfer servers, and the USG rewrites the contract with VeriSign to stop publishing the root zone on internic.net, clueful folks will be setting up root-as-slaves. Are you suggestion efforts should be made to stop this?

Regards,
-drc