ICANN/GNSO GNSO Email List Archives

[ga]


<<< Chronological Index >>>    <<< Thread Index >>>

[ga] The twits at ICANN are at it again

  • To: ga <ga@xxxxxxxxxxxxxx>
  • Subject: [ga] The twits at ICANN are at it again
  • From: Joe Baptista <baptista@xxxxxxxxxxxxxx>
  • Date: Sun, 11 Nov 2007 11:33:15 -0500


This is inappropriate behaviour from ICANN and a clear indication that technically they have no common sense.

Every time they retire the root servers they put the Internet at risk of fracturing. And after repeated warnings they are at it again. In this case the fracture involves the removal of a root servers - theirs - L root.

http://www.theregister.co.uk/2007/11/06/icann_rolls_out_new_root_name_server_address/

An interesting point made by the article attests that "the old IP address - 198.32.64.12 - wasn't officially under ICANN's control". Indeed the article is correct. It is under the control of Bill Manning, a former root operator with the IANA root. ICANN should of known better then to have launched a root on ARPA IP infrastructure not under its control.

$ whois 198.32.64.12

OrgName:    Exchange Point Blocks
OrgID:      EPB
Address:    PO 12317
City:       Marina del Rey
StateProv:  CA
PostalCode:
Country:    US

NetRange:   198.32.0.0 - 198.32.255.255
CIDR:       198.32.0.0/16
NetName:    NET-EP-1
NetHandle:  NET-198-32-0-0-1
Parent:     NET-198-0-0-0-0
NetType:    Direct Assignment
NameServer: DOT.EP.NET
NameServer: FLAG.EP.NET
Comment:
RegDate:    1997-06-09
Updated:    2001-12-17

RTechHandle: WM110-ARIN
RTechName:   Manning, Bill
RTechPhone:  +1-310-322-8102
RTechEmail:  bmanning@xxxxxxxxxxx

# ARIN WHOIS database, last updated 2007-11-10 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.

Good for you Bill Manning - tech those ICANN buggers the rules. Go manning Go.

But the truth here is that the L root at 198.32.64.12 will continue to receive queries forever. That is the nature of IP and root infrastructure. The L root at 198.32.64.12 will continue to receive queries forever because most of the installed root.cache files on DNS servers world wide are hard coded with the IP address 198.32.64.12.

There are also security risks in retireing an IP address that is used for root service. The IP address at 198.32.64.12 become a RISK point to Internet security. If the IP address gets highjaked a single operator could shut down the Internet or redirected it via IP 198.32.64.12. I did that to the country of Turkey recently. I redirected a root under my control in the Inclusive Name Space to cnn in order to get rid of the traffic. It works. You lose alot of the traffic off the IP. Not all of it. Lots of servers configured with old infrastructure are automated - but not monitored.

I warned ICANN about this risk the last time they dropped a root server from the legacy IANA infrastructure. They didn't pay any attention back then. I'm glad today they have decided to fix the problem with non owned infrastructure operating as a root IP by getting their own. Well played - a few years too late.

Cheers
Joe Baptista

--
Joe Baptista                                www.publicroot.org
PublicRoot Consortium
----------------------------------------------------------------
The future of the Internet is Open, Transparent, Inclusive,
Representative & Accountable to the Internet community @large.
----------------------------------------------------------------
 Office: +1 (202) 517-1593
    Fax: +1 (509) 479-0084

begin:vcard
fn:Joe Baptista
n:Baptista;Joe
org:PublicRoot Consortium
adr:;;963 Ford Street;Peterborough;Ontario;K9J 5V5 ;Canada
email;internet:baptista@xxxxxxxxxxxxxx
title:PublicRoot Representative
tel;fax:+1 (509) 479-0084 
tel;cell:+1 (416) 912-6551
x-mozilla-html:FALSE
url:http://www.publicroot.org
version:2.1
end:vcard



<<< Chronological Index >>>    <<< Thread Index >>>