[dns-operations] 答复: L-Root IPv6 Address renumbering

Shane Kerr shane at time-travellers.org
Fri Mar 11 09:41:25 UTC 2016


Davey,

In my past experience with Internet-scale migrations, you have a few
people who update ASAP, a few people who wait until right before the
deadline, and most people fix things when their systems break (if
ever). I doubt a root renumbering is any different.

The root server system is highly redundant, and we are only talking
about 1 of 11 IPv6 addresses for these servers, or 1 of 24 addresses
overall. I doubt a single resolver would fail to resolve if any of the
root servers turned off its IPv6 today. (Probably true for IPv4 too,
although A is probably still "special" in some setups.)

IMHO the L root can be turned off right away, although I agree that
waiting some time seems reasonable.

----

I had a quick look at the RSSAC statistics for the 8 of the 12 root
operators that reports them.

http://stats.dns.icann.org/rssac/

Because these are aggregate numbers, we can't know the overlap between
the values reported by each server. That is, every one of the 204139
IPv6 addresses reported for H may also be one of the 204826 IPv6
addresses reported for K... or none of them may be. We have no way to
know.

Still, it is clear that L is the most widely used root server,
reporting almost 4x as many unique IPv6 addresses as the rest of the
servers and (2x as many unique IPv4 addresses as the rest).

Based on that one might think that L is more "important" than other
root servers - at least from the IPv6 point of view. But I don't think
that changes the logic. Nothing will break, so waiting to shutdown the
old address doesn't provide any real benefit, apart from academic
interest. (I admit to looking forward to a presentation about this at a
future DNS OARC meeting!) :)

Cheers,

--
Shane

At 2016-03-11 14:23:56 +0800
Davey Song(宋林健) <ljsong at biigroup.cn> wrote:

> Sorry but I have more question. 
> 
> If there is still non-trivial volume of traffic to L root after 6 month, what should L-root operator do? Is there any way to tell how much (percentage ) onetime resolvers change to new address ? Is there any evidence or experience to tell the traffic is generated by real resolver or scanning/monitoring system.
> 
> Davey
> -----邮件原件-----
> 发件人: dns-operations [mailto:dns-operations-bounces at dns-oarc.net] 代表 Terry Manderson
> 发送时间: 2016年3月11日 12:13
> 收件人: Yasuhiro Orange Morishita / 森下泰宏; Mauricio Vergara
> 抄送: dns-operations at dns-oarc.net
> 主题: Re: [dns-operations] L-Root IPv6 Address renumbering
> 
> Hi Yasuhiro,
> 
> The existing IPv6 address will be kept in service for at least another 6 months after the transition or when we see less than 1 valid DNS query per second. Which ever occurs first.
> 
> Cheers
> Terry
>  
> 
> 
> On 11/03/2016, 12:31 AM, "dns-operations on behalf of Yasuhiro Orange Morishita / 森下泰宏" <dns-operations-bounces at dns-oarc.net on behalf of yasuhiro at jprs.co.jp> wrote:
> 
> >A question: How long will the old IPv6 address continue the L-Root 
> >service after the change?
> >
> >-- Orange
> >
> >--
> >Yasuhiro 'Orange' Morishita
> >Japan Registry Services Co., Ltd. (JPRS)
> >
> >From: Mauricio Vergara <mauricio.vergara at icann.org>
> >Date: Wed, 9 Mar 2016 21:29:38 +0000
> >  
> >> This is an advance notice that there is a scheduled change to the 
> >> IPv6 addresses in the DNS Root Zone for the L root-server, also known 
> >> as L.ROOT-SERVERS.NET, which is administered by ICANN.
> >> 
> >> The current IP addresses for the L.ROOT-SERVERS.NET service are:
> >> 
> >> 199.7.83.42
> >> 2001:500:3::42
> >> 
> >> As of March 23, 2016; the new IP addresses for the L.ROOT-SERVERS.NET 
> >> service will be:
> >> 
> >> 199.7.83.42
> >> 2001:500:9f::42
> >> 
> >> The change will be implemented on the root zone on March 23, 2016 
> >> 2100UTC,  however the new address is already operational.
> >> 
> >> We encourage DNS infrastructure operators to update their DNS 
> >> resolvers root "hints² files ASAP.
> >> 
> >> New hints files will be available at the usual URLs once the change 
> >> has been formally executed on March 23, 2016:
> >> 
> >> http://www.internic.net/domain/named.root
> >> http://www.internic.net/domain/named.cache
> >> 
> >> 
> >> --
> >> Mauricio Vergara Ereche
> >> Lead DNS Engineer
> >> ICANN
> >> Los Angeles, CA
> >> 
> >> 
> >> 
> >> 
> >>   
> >
> >_______________________________________________
> >dns-operations mailing list
> >dns-operations at lists.dns-oarc.net
> >https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> >dns-jobs mailing list
> >https://lists.dns-oarc.net/mailman/listinfo/dns-jobs  
> 
> 
> 
> 
> _______________________________________________
> dns-operations mailing list
> dns-operations at lists.dns-oarc.net
> https://lists.dns-oarc.net/mailman/listinfo/dns-operations
> dns-jobs mailing list
> https://lists.dns-oarc.net/mailman/listinfo/dns-jobs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <https://lists.dns-oarc.net/pipermail/dns-operations/attachments/20160311/b1200054/attachment.sig>


More information about the dns-operations mailing list