On Wed, Aug 21, 2002 at 03:46:22PM -0400, Vinny Abello wrote:
I just stumbled across something I thought was interesting. All the .mil domain names used by the U.S. Military are served by one single root server.
[jabley@peppermill]% for n in a b c d e f g h i j k l m; do for> dig @${n}.root-servers.net ns mil. | egrep -qi '^mil.*NS' && \ for cmdand> echo "${n}.root-servers.net provides a delegation for MIL." for> done a.root-servers.net provides a delegation for MIL. b.root-servers.net provides a delegation for MIL. c.root-servers.net provides a delegation for MIL. d.root-servers.net provides a delegation for MIL. e.root-servers.net provides a delegation for MIL. f.root-servers.net provides a delegation for MIL. g.root-servers.net provides a delegation for MIL. h.root-servers.net provides a delegation for MIL. i.root-servers.net provides a delegation for MIL. j.root-servers.net provides a delegation for MIL. k.root-servers.net provides a delegation for MIL. l.root-servers.net provides a delegation for MIL. m.root-servers.net provides a delegation for MIL. [jabley@peppermill]% dig ns mil. ; <<>> DiG 8.3 <<>> ns mil. ;; res options: init recurs defnam dnsrch ;; got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2 ;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 5 ;; QUERY SECTION: ;; mil, type = NS, class = IN ;; ANSWER SECTION: mil. 23h59m24s IN NS PAC2.NIPR.mil. mil. 23h59m24s IN NS A.ROOT-SERVERS.NET. mil. 23h59m24s IN NS B.ROOT-SERVERS.NET. mil. 23h59m24s IN NS E.ROOT-SERVERS.NET. mil. 23h59m24s IN NS G.ROOT-SERVERS.NET. mil. 23h59m24s IN NS H.ROOT-SERVERS.NET. mil. 23h59m24s IN NS CON1.NIPR.mil. mil. 23h59m24s IN NS CON2.NIPR.mil. mil. 23h59m24s IN NS EUR1.NIPR.mil. mil. 23h59m24s IN NS EUR2.NIPR.mil. mil. 23h59m24s IN NS PAC1.NIPR.mil. ;; ADDITIONAL SECTION: A.ROOT-SERVERS.NET. 6d23h59m20s IN A 198.41.0.4 B.ROOT-SERVERS.NET. 6d23h59m20s IN A 128.9.0.107 E.ROOT-SERVERS.NET. 6d23h59m21s IN A 192.203.230.10 G.ROOT-SERVERS.NET. 6d23h59m22s IN A 192.112.36.4 H.ROOT-SERVERS.NET. 6d23h59m22s IN A 128.63.2.53 ;; Total query time: 93 msec ;; FROM: peppermill.automagic.org to SERVER: default -- 204.152.184.68 ;; WHEN: Wed Aug 21 12:56:09 2002 ;; MSG SIZE sent: 21 rcvd: 316 [jabley@peppermill]%
I thought that was a bit odd. I'm sure that one server is more than enough to handle the queries for all the .mil domains with no problem, but it doesn't seem very redundant or safe at all.
All thirteen root servers contain delegations for MIL, and there are eleven servers which will provide an authoritative response to a query for SOA (of which five are also root servers). Joe