Andrius Kasparavicius wrote:
wow, last time I checked root servers(several weeks ago, they was unreacheble-not operational.. now looks great:
F: 11 2001:500::1035 (2001:500::1035) 192.812 ms 192.25 ms 192.513 ms
only one BGP path to 2001:500::/48 prefix ;( anyway it works! :
H: unreachible, no BGP paths to 13 ASn, maybe /48 get's filtered?
IMHO they should be filtered, it's not a TLA. Just give those *root*servers a /32 like the rest, saving on filtering headaches. Notez bien http://www.space.net/~gert/RIPE/ipv6-filters.html states: "In addition to this, inside 2001:500::/32, the lists permits /48s. This network block is the ARIN microallocation block, and ARIN is assigning /48s directly to end networks (like root name servers)." But still I don't like any 'specialties'... but that is my opinion ;) Btw 2001:1488::/32 CZ-NIC-20030620, I surely don't hope that is for a tld server because that is something entirely different. Rootservers need to be hardcoded, by IP into configs. TLD servers can get resolved (and thus changed) in those rootservers.
and what about anycast implementation for root servers? It would be great in perfomance, dunno in security & how stable it could be in attacs..
I'll try to add F to my bind root servers ;)
Btw why don't these servers have a AAAA record in DNS? $ host -t aaaa f.root-servers.org $ host -t aaaa h.root-servers.org Also what is the difference between root-servers.org and root-servers.net: $ host k.root-servers.org k.root-servers.org. has address 193.0.0.203 $ host k.root-servers.net k.root-servers.net. has address 193.0.14.129 Maybe someone can sync those? (SOA's cc:'d) I think .org is lagging behind btw as the .net version is the distributed K. And .net is pointed down from the root (.). Also note that K, and some others, are distributed is that going to happen for their IPv6 equivs too ? Greets, Jeroen