[dns-operations] Documenting root slave operation Re: The (very) uneven distribution of DNS root servers on the Internet

Andrew Sullivan ajs at anvilwalrusden.com
Thu May 17 20:36:05 UTC 2012 

On Thu, May 17, 2012 at 01:02:39PM -0700, David Conrad wrote:
> > - increased resilience to DoS attack

It is not clear that it will offer that, it is yet less clear that it
will offer that better than simply joining in (say) l-root, and it is
nowise plain that the trade-off is wise.

> > - reduced dependence on a single point (ok, 13 points) of failure

There aren't 13, as Joe already pointed out; and it doesn't get rid of
the single point of failure at all.  On the contrary, it makes
recovery from a mistake in a couple of single points even harder.

> > - potentially improved performance

Only potentially, the trade analysis hasn't been done, and it's not
clear that this improvement is better than standing up an actual root
server node in one of the existing anycast systems.

> > - greater autonomy

This is a _problem_, not a benefit, I was arguing.

> > - reduced political whinage about not having a root server

It might provide this.

> > - greater openness and transparency

I rarely know what those words mean.  In their plain English meaning,
I think they're false in this case, as the difficulty of debugging a
failure (in the anecdote I posted earlier) seems to me to indicate.
Because nobody knew about that secret mirror, the problem took much
longer to solve.  Openness and transparency means, to me, that I can
tell who is involved in answering my query, and if the root zone is
being answered by someone not actually authorized to mirror it (and
that's not widely known), then it is less, rather than more, open and
transparent.

> If I'm reading your comments correctly, you're suggesting the right
> answer is to not document best practices for slaving the root and
> let folks figure it out on their own?

I am claiming that there are, perhaps, best ways to do it, but that
one shouldn't do it in the first place.  There's probably a best way
not to get caught robbing banks, but I don't think we should publish
manuals.  There's a best way not to get parking tickets while yet
parking without paying, but I don't think we should publish manuals
for that either.  This case lies somewhere between those examples.

Best,

A

-- 
Andrew Sullivan
ajs at anvilwalrusden.com

More information about the dns-operations mailing list