[dns-operations] root? we don't need no stinkin' root!

Paul Ebersman list-dns-operations at dragon.net
Wed Nov 27 03:18:02 UTC 2019

ebersman> IPv4 reachable traditional DNS servers for some tiny group of
ebersman> antique folks will be needed for years, even if we get 99+% of
ebersman> the world to some new system.

mallman> I wonder if we're ever allowed to just decide this sort of
mallman> thing is ridiculous old shit and for lots of reasons we can and
mallman> should just garbage collect it away.

We aren't allowed as IETF/engineers. The world sort of is. ;)

Eventually, someone wonders why they're burning money on something they
don't see a need for any more.

Sadly, based on the number of IBM AS400s in service, the COBOL programs
with no source still being used, SNA, X.25 and all sorts of other stuff
that you'd think would have been dead decades ago, I'm not betting on
this happening any time soon.

mallman> To me, this whole notion is that we can in fact get rid of this
mallman> giant network service.  If we don't get rid of it then what is
mallman> the incentive to move one's own resolver away from using the
mallman> root nameservers?

But what would we replace it with? Who would run it? How would we get
uniqueness, data integrity, high availability, decent coherence? How
would we get something the entire world would use?

Part of why DNS is so abused and misused is that it's already here and
it mostly scales/works. We did it before the world knew about the
internet. Now there's way more attention, money, and politics that get
in the way of truly massive changes. If DNS started from scratch today,
it's not clear it would happen.

Not saying it's impossible but it will be a daunting task and will have
to be really, really compelling (or be the next user-loved
shiny-ball/Pokemon). Look at how much fun and progress there is moving
from IPv4 to IPv6.

mallman> Maybe 99% lets us draw down the size of the root
mallman> infrastructure...I dunno.  But, if we don't say something like
mallman> "it's going to go away" then I am not sure resolvers will move
mallman> away from it.

The problem/load isn't the folks that would upgrade. It's crap broken
code/devices that are in many cases forgotten in closets or under
desks. The magic blue smoke will have to pour out the back before they
stop sending useless crap to the root servers.

A6 records were never officially "blessed". We went with AAAA. We were
all pretty sure they would never be used. But last I heard, the root
servers still see A6 queries. Google for Geoff Huston's zombie DNS preso
for more scary/bad stories.

Love to see your proposal for a replacement. Just be prepared to have to
support whatever that is and DNS both for a very long time.

