Wes Hardaker <[email protected]> wrote: >> Yes, the fallback to root-servers.net priming as we do now probably solves it >> all... but this effort should ideally **improve** the situation, not make it worse. >> I think we should have a section on this :-)
> Note that the guidelines document already has this:
> - the list of publication points should include multiple protocols
> that can be used for fetching the IANA root zone data. Specifically
> the list should include both https and AXFR based sources.
> But the discussion has made pointed out we should add:
> - the list of publication points should include at least one point
> with an IPv4 address and at least one with an IPv6 address.
The diversity of data needs at least that, and more :-)
Magic 13 + AS112 are all diverse in v4/v6, diverse operators, diverse
geography, diverse networks... so I think we are pretty good.
> And the meta, what about 1 address of each type per protocol -- but then
> we get pretty far in the weeds. Specifically, what would we want to
> direct IANA to do when theses criteria aren't met?
I think that in many cases this won't be a surprise.
There will be some coordination such that everyone knows that there are fewer
copies of root zone data available to networks X,Y,Z in locality A.
This might be something like: Data center FOOBAR will have to shutdown for 6
months to do remediation around damage due to <natural disaster>... or.
What should IANA do? Many in some extreme cases one might extend signatures,
delay updates, ... The coordination might also be at the level of making
sure that there isn't multiply scheduled maintenance?
In some cases, it will be a surprise event. Like the volcano that cut off
Tonga.
Ideally, all such network "islands" would be able to continue to operate
locally.
--
Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ DNSOP mailing list -- [email protected] To unsubscribe send an email to [email protected]
