As a (not too) humble regular DNS user as opposed to an insider... What is
the worst case scenerio on this, anyway?
It seems to me our buddies and the North American power reliabability board;
(whatever) would say they can't POSSIBLY fail such that power is out for
days. Yet it happened. I think killed some folks here and there too.
It seems to me, I'm speaking from a skeptical approach which is always the
best when the downsides big.
If all the root operators had an offline copy of there DNS entries and
rolled back 24 hours in a crisis, so what? 99.99% of DNS UDP's would
resolve, a few new ones would be troubled. No Anycast, no BGP, just rollback
a day and reassess the systemic failure for a next plan. Turn all that off
and think for a day or so.
It seems to me a smaller chance but a non-trivial one is for the whole thing
to become unreliable because the (maybe) millions of subdomains get
clobbered. For instance, I think I'm right that the subdomain www.
{anything} is incredibly distributed. Never a SOA at a TLD ccTLD... You know
what I mean.
If a "WWW snagger" rewriter virus existed that left 100% of the root servers
perfect (either due to a brillant management plan, disinterest, or dumb
luck, etc.) but www.{any} didn't work, the loss of functionality would be
close to having the roots lost, wouldn't it?
Harder to fix, because the people involved haven't been to a fancy workshop
of what if's. And there hard to contact because suddenly internet is
unreliable. There was an outage in the switched telephone system much like
this about 12 years ago. None of the technocrats who could fix it could find
each other, so the outage persisted for a long time until an unnamed vendor!
bicyled new binaries to 400 phone switches.
regards
Dan
Dan Kolis - Lindsay Electronics Ltd dank(_at_)hq(_dot_)lindsayelec(_dot_)com
50 Mary Street West, Lindsay Ontario Canada K9V 2S7
(705) 324-2196 X272 (705) 324-5474 Fax
An ISO 9001 Company;
/Document end