Ooops... My apologies (before I get slammed). I forgot the query type of NS in my dig. ; <<>> DiG 9.2.1 <<>> @a.root-servers.net ns mil. ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41 ;; flags: qr aa rd; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 11 ;; QUESTION SECTION: ;mil. IN NS ;; ANSWER SECTION: mil. 86400 IN NS E.ROOT-SERVERS.NET. mil. 86400 IN NS PAC2.NIPR.mil. mil. 86400 IN NS CON1.NIPR.mil. mil. 86400 IN NS B.ROOT-SERVERS.NET. mil. 86400 IN NS A.ROOT-SERVERS.NET. mil. 86400 IN NS EUR1.NIPR.mil. mil. 86400 IN NS PAC1.NIPR.mil. mil. 86400 IN NS H.ROOT-SERVERS.NET. mil. 86400 IN NS G.ROOT-SERVERS.NET. mil. 86400 IN NS CON2.NIPR.mil. mil. 86400 IN NS EUR2.NIPR.mil. ;; ADDITIONAL SECTION: E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10 PAC2.NIPR.mil. 86400 IN A 199.252.155.234 CON1.NIPR.mil. 86400 IN A 199.252.175.234 B.ROOT-SERVERS.NET. 3600000 IN A 128.9.0.107 A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4 EUR1.NIPR.mil. 86400 IN A 199.252.154.234 PAC1.NIPR.mil. 86400 IN A 199.252.180.234 H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53 G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4 CON2.NIPR.mil. 86400 IN A 199.252.173.234 EUR2.NIPR.mil. 86400 IN A 199.252.143.234 ;; Query time: 500 msec ;; SERVER: 198.41.0.4#53(a.root-servers.net) ;; WHEN: Wed Aug 21 16:07:56 2002 ;; MSG SIZE rcvd: 412 That's better. :) Go back to your regularly scheduled threads. At 03:04 PM 8/21/2002 -0500, you wrote:
On Wed, Aug 21, 2002 at 03:46:22PM -0400, Vinny Abello wrote:
I just stumbled across something I thought was interesting. All the .mil domain names used by the U.S. Military are served by one single root server. I thought that was a bit odd. I'm sure that one server is more
than
enough to handle the queries for all the .mil domains with no problem, but it doesn't seem very redundant or safe at all. Especially for something our military uses. There's something that could be beefed up a little bit. My other thought (which others may know) was that perhaps the military runs G.ROOT-SERVERS.NET and I'm just not aware of it. Maybe it's a policy to only run .mil on what they can control? Even still, I think it might be in their best interest to setup a few more.
These are the results I got when I queried A.ROOT-SERVERS.NET:
; <<>> DiG 9.2.1 <<>> @a.root-servers.net mil. ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41 ;; flags: qr aa rd; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION: ;mil. IN A
;; AUTHORITY SECTION: mil. 86400 IN SOA G.ROOT-SERVERS.NET. HOSTMASTER.N IC.mil. 2002082000 3600 900 1209600 86400
Ummmm. The SOA MNAME field is always a single server.
bastet[~]$ dig +short mil ns @g.root-servers.net PAC1.NIPR.mil. H.ROOT-SERVERS.NET. G.ROOT-SERVERS.NET. CON2.NIPR.mil. EUR2.NIPR.mil. E.ROOT-SERVERS.NET. PAC2.NIPR.mil. CON1.NIPR.mil. B.ROOT-SERVERS.NET. A.ROOT-SERVERS.NET. EUR1.NIPR.mil. bastet[~]$
-Pete
Vinny Abello Network Engineer Server Management vinny@tellurian.com (973)300-9211 x 125 (973)940-6125 (Direct) PGP Key Fingerprint: 3BC5 9A48 FC78 03D3 82E0 E935 5325 FBCB 0100 977A Tellurian Networks - The Ultimate Internet Connection http://www.tellurian.com (888)TELLURIAN