[dns-operations] New addresses for b.root-servers.net

Sat Jun 3 05:33:56 UTC 2023

On 6/2/23 3:50 PM, Wes Hardaker wrote:
> Robert Story <rstory at ant.isi.edu> writes:
> 
>> We are indeed testing with the new addresses, but it will not be
>> considered  production until 2023-11-27. The addresses and/or routes
>> may have brief or extended outages, so I wouldn't recommend switching
>> anything ahead of our announced dates for the cut-over.
> 
> Robert is correct that we are operating it (and we made sure we were
> before even announcing the upcoming change).  I think there is a good
> question as to whether or not we are supporting it fully now as a
> "production" address, to which I can say: we have no intent to stop
> advertising and supporting service to it from now on.
> 
> But, having said that, the announcement and expected change within the
> official root zone distributed by IANA will be on 2023-11-27 per the
> announcement and our agreement with IANA.  We do not recommend anyone
> switch their local root-hints files ahead of that date, as the result
> will be a resolver that actually reverts back to our current production
> date after receiving the priming query responses anyway (as only our
> current addresses are in the root zone and root-servers.net zone today).

Wes,

I am 100% behind this effort to de-centralize the root server network 
resources, and particularly excited that LACNIC has been chosen for this 
important role. We've changed root server addresses in the past, and 
while it hasn't happened in a while folks who haven't been through this 
before should know that there is no reason to panic.  :)

I am a little concerned about the plan for this change though, in the 
sense that in the past when the new addresses were announced they were 
fully operational, barring any unforeseen issues. So during the phase-in 
period (usually a year in advance of the intended cutover) folks were 
free to treat the new addresses as production, bake them into silicon, 
etc. After the cutover date the old addresses continued to answer for a 
year (or so), but folks were discouraged from continuing to use them.

I thought that Robert's announcement was clear, but I think that the 
confusion is coming because Robert's plan didn't seem to line up with 
"how we've always done it," which you've now confirmed.

I'm not saying that you need to change anything, but I think the safer 
alternative would be starting ASAP to treat the new addresses as 
production to the extent possible, since other people will do that 
anyway. I also think that gives you a more realistic chance of making 
sure that when the cutover actually happens that everything will work as 
intended.

Just want to be clear that I am offering these comments solely in the 
spirit of making sure that the project is ultimately successful.

hope this helps,

Doug