Re: national security
2003-12-07 05:30:30
On 7-dec-03, at 2:26, Paul Vixie wrote:
... (Selecting the "best" path is pretty much an after thought in
BGP: the RFC doesn't even bother giving suggestions on how to do
this.)
congradulations, you're the millionth person to think that was an
oversight.
I don't think this is an oversight, I'm pretty sure this was
intentional. However, since in practice the BGP best path selection
algorithm boils down to looking at the AS path length and this has the
tendency to be the same length for many paths, BGP is fairly useless
for deciding the best path for even low ambition definitions of the
word.
I don't have a problem with some controlled anycasting, but the root
operators shouldn't go overboard.
i don't think you will ever meet a more conservative bunch of people,
so, OK.
Excellent.
For instance, the .org zone is only served by two addresses, which are
then anycast. There have been reports from people who were unable to
reach either of these addresses when there was some kind of
reachability
problem. The people managing the .org zone are clearly lacking in
responsibility by limiting the number of addresses from which the
zone is
available without any good reason.
see the icann agreements to find out how much of this was ultradns's
choice.
Hm, nothing about this in http://www.icann.org/tlds/agreements/org/. In
fact, it talks about a maximum of 13 servers in some places. Not that
it matters much who's bright idea it was.
(And some IPv6 roots wouldn't be bad either.)
there are several. see www.root-servers.org. (now if we can just
advertise.)
Just for fun, I cooked up a named.root file with only those IPv6
addresses in it. This seems to confuse BIND such that its behavior
becomes very unpredictable. And only 2 of the 4 v6 addresses are
reachable as one isn't advertised at all and the other as a /48 which
are heavily filtered.
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: national security, (continued)
- Re: national security, Dean Anderson
- Re: national security, Iljitsch van Beijnum
- Re: national security, Paul Vixie
- Re: national security,
Iljitsch van Beijnum <=
- Re: national security, Paul Vixie
- Re: /48 micro allocations for v6 root servers, was: national security, Iljitsch van Beijnum
- Re: /48 micro allocations for v6 root servers, was: national security, Paul Vixie
- Re: /48 micro allocations for v6 root servers, was: national security, Bill Manning
- Re: /48 micro allocations for v6 root servers, was: national security, Paul Vixie
- Re: /48 micro allocations for v6 root servers, was: national security, Bill Manning
- Re: /48 micro allocations for v6 root servers, was: national security, John Stracke
- RE: /48 micro allocations for v6 root servers, was: national security, Jeroen Massar
- Re: [ipv6-wg(_at_)ripe(_dot_)net] RE: /48 micro allocations for v6 root servers, was: national security, Gert Doering
- RE: [ipv6-wg(_at_)ripe(_dot_)net] RE: /48 micro allocations for v6 root servers, was: national security, Jeroen Massar
|
|
|