updated root hints file
In preparation for tomorrow morning's B-root IP change from 128.9.0.107 to 192.228.79.201 we have posted updated root hints files. They are available from the following URLs: ftp://rs.internic.net/domain/db.cache ftp://rs.internic.net/domain/named.cache ftp://rs.ineternic.net/domain/named.root and will be available from: ftp://ftp.internic.net/domain/db.cache ftp://ftp.internic.net/domain/named.cache ftp://ftp.ineternic.net/domain/named.root Brian Brian Coppola Manager, Resolution Systems Verisign Operations and Infrastructure (O&I)
On Wed, 28 Jan 2004, Coppola, Brian wrote:
In preparation for tomorrow morning's B-root IP change from 128.9.0.107 to 192.228.79.201 we have posted updated root hints files. They are available from the following URLs:
The previous change to the root hints was November 5 2002. The previous change was five years before that. The root hints changes do not require any immediate changes by most Internet users. As long as at least one of the IP addresses in your root.zone hints file responds, your name server will automatically use the current set of root name servers. Historically it has taken over 10 years to change all the IP addresses in the root hints file. Past performance is not a guarantee of future performance, but it is likely the root hints will continue to be very stable and change slowly. Client resolvers (i.e most Windows and other end-user machines) use either their ISP or organizations name servers. Most end-users do not need to make any changes. ISP or organization system administrators will update the main name servers for their users. Software developers and operating system vendors distributing Name Server programs will need to update the hints file included in their software distribution sometime before the last IP address in the hints file changes. Operators of resolving name servers will need to update the hints file on their systems, or it may be updated as part of the future vendor software update, sometime before the last IP address changes. Until the hints file is updated, some versions of Domain Name System software will print periodic warnings in the system log to remind the system administrator to check the hints file. Operators of "shadow" or alternative roots will need to update their configurations. Since this is more or less outside the DNS, it is up to those operators to ensure consistent operation. Network operators using "golden networks" to control route flap dampening will need to update their BGP dampening configuration for the new address and to remove the old address. Until updated, dampening may incorrectly ignore routes to the new address during periods of network instability. In practice, this is a rare occurance and the other root servers will still be configured.
On Wed, 28 Jan 2004, Coppola, Brian wrote:
In preparation for tomorrow morning's B-root IP change from 128.9.0.107 to 192.228.79.201 we have posted updated root hints files. They are available from the following URLs:
sean.donalen sez: Network operators using "golden networks" to control route flap dampening will need to update their BGP dampening configuration for the new address and to remove the old address. Until updated, dampening may incorrectly ignore routes to the new address during periods of network instability. In practice, this is a rare occurance and the other root servers will still be configured.
"B" will continue to answer on -BOTH- addresses for at least 24 months. Even so, we encourage ISPs and DNS admins to make the changes at their earliest opportunity. That will leave the "tail" to clean up after those folks who may not be avid NANOG readers. :) Questions? --bill <bmanning@karoshi.com> +1.310.322.8102
On Wednesday 28 January 2004 07:19 pm, bill wrote:
"B" will continue to answer on -BOTH- addresses for at least 24 months. Even so, we encourage ISPs and DNS admins to make the changes at their earliest opportunity. That will leave the "tail" to clean up after those folks who may not be avid NANOG readers. :) Questions?
I wonder how many systems will _still_ be trying to get to b.root-servers.net at the old address in 5 or even 10 years.
--bill <bmanning@karoshi.com> +1.310.322.8102
-- Donovan Hill Electronics Engineering Technologist, CCNA www.lazyeyez.net, www.gwsn.com
On Wed, Jan 28, 2004 at 08:40:52PM -0800, Donovan Hill wrote:
On Wednesday 28 January 2004 07:19 pm, bill wrote:
"B" will continue to answer on -BOTH- addresses for at least 24 months. Even so, we encourage ISPs and DNS admins to make the changes at their earliest opportunity. That will leave the "tail" to clean up after those folks who may not be avid NANOG readers. :) Questions?
I wonder how many systems will _still_ be trying to get to b.root-servers.net at the old address in 5 or even 10 years.
-- Donovan Hill
bets are being taken. in 1996/7, we changed the default TTL in the hints file to two weeks. today there are still systems that query for b.isi, predating the creation of the TLD structure as we know it now. --bill
At 08:40 PM 28-01-04 -0800, Donovan Hill wrote:
On Wednesday 28 January 2004 07:19 pm, bill wrote:
"B" will continue to answer on -BOTH- addresses for at least 24 months. Even so, we encourage ISPs and DNS admins to make the changes at their earliest opportunity. That will leave the "tail" to clean up after those folks who may not be avid NANOG readers. :) Questions?
I wonder how many systems will _still_ be trying to get to b.root-servers.net at the old address in 5 or even 10 years.
NANOG44 in October 2008 (I believe in Phoenix) will be having a presentation by Bill Manning entitled "DNS retards". -Hank
--bill <bmanning@karoshi.com> +1.310.322.8102
-- Donovan Hill Electronics Engineering Technologist, CCNA www.lazyeyez.net, www.gwsn.com
From: "Coppola, Brian" <bcoppola@verisign.com> To: "'nanog@merit.edu'" <nanog@merit.edu> Subject: updated root hints file Date: Wed, 28 Jan 2004 21:19:43 -0500
In preparation for tomorrow morning's B-root IP change from 128.9.0.107 to 192.228.79.201 we have posted updated root hints files. They are available from the following URLs:
ftp://rs.internic.net/domain/db.cache ftp://rs.internic.net/domain/named.cache ftp://rs.ineternic.net/domain/named.root
and will be available from:
ftp://ftp.internic.net/domain/db.cache ftp://ftp.internic.net/domain/named.cache ftp://ftp.ineternic.net/domain/named.root
Brian
Brian Coppola Manager, Resolution Systems Verisign Operations and Infrastructure (O&I)
excuse me. this should be in a message from the iana signed with iana's pgp key randy
I couldn't agree more. Ray -----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf Of Randy Bush Sent: Thursday, January 29, 2004 5:46 AM To: Coppola, Brian Cc: nanog@nanog.org; iana@iana.org Subject: Re: updated root hints file
From: "Coppola, Brian" <bcoppola@verisign.com> To: "'nanog@merit.edu'" <nanog@merit.edu> Subject: updated root hints file Date: Wed, 28 Jan 2004 21:19:43 -0500
In preparation for tomorrow morning's B-root IP change from 128.9.0.107 to 192.228.79.201 we have posted updated root hints files. They are available from the following URLs:
ftp://rs.internic.net/domain/db.cache ftp://rs.internic.net/domain/named.cache ftp://rs.ineternic.net/domain/named.root
and will be available from:
ftp://ftp.internic.net/domain/db.cache ftp://ftp.internic.net/domain/named.cache ftp://ftp.ineternic.net/domain/named.root
Brian
Brian Coppola Manager, Resolution Systems Verisign Operations and Infrastructure (O&I)
excuse me. this should be in a message from the iana signed with iana's pgp key randy
Hello All , Hmmm , watching this thread & having acquired the new cache ile I did a diff on it & noticed that 'J' was changed as well (compared to MY cache file) . Did 'J' change sometime in the near past that I missed ? Tia , JimL ie: -B.ROOT-SERVERS.NET. 3600000 A 128.9.0.107 +B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201 -J.ROOT-SERVERS.NET. 3600000 A 198.41.0.10 +J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30 On Thu, 29 Jan 2004, Joe Abley wrote:
On 29 Jan 2004, at 05:46, Randy Bush wrote:
excuse me. this should be in a message from the iana signed with iana's pgp key
ftp://ftp.internic.net/domain/INTERNIC_ROOT_ZONE.signatures
(I agree, though, that a signed announcement from the proper authority would have been nice)
Joe
-- +------------------------------------------------------------------+ | James W. Laferriere | System Techniques | Give me VMS | | Network Engineer | 3542 Broken Yoke Dr. | Give me Linux | | babydr@baby-dragons.com | Billings , MT. 59105 | only on AXP | +------------------------------------------------------------------+
Well the answer is yes it changed a little while ago, having searched for a link to post I cant find one, thats bad.. http://www.root-servers.org/ seems to only have news on I's ASN change, no mention of B or J or the anycast F/K/I's ... methinks this info should have a home on this site.. Steve On Fri, 30 Jan 2004, Mr. James W. Laferriere wrote:
Hello All , Hmmm , watching this thread & having acquired the new cache ile I did a diff on it & noticed that 'J' was changed as well (compared to MY cache file) . Did 'J' change sometime in the near past that I missed ? Tia , JimL ie:
-B.ROOT-SERVERS.NET. 3600000 A 128.9.0.107 +B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
-J.ROOT-SERVERS.NET. 3600000 A 198.41.0.10 +J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
On Thu, 29 Jan 2004, Joe Abley wrote:
On 29 Jan 2004, at 05:46, Randy Bush wrote:
excuse me. this should be in a message from the iana signed with iana's pgp key
ftp://ftp.internic.net/domain/INTERNIC_ROOT_ZONE.signatures
(I agree, though, that a signed announcement from the proper authority would have been nice)
Joe
On Thu, 29 Jan 2004, Stephen J. Wilcox wrote:
Well the answer is yes it changed a little while ago, having searched for a link to post I cant find one, thats bad..
http://www.ripe.net/ripe/mail-archives/dns-wg/2002/msg00002.html
http://www.root-servers.org/ seems to only have news on I's ASN change, no mention of B or J or the anycast F/K/I's ... methinks this info should have a home on this site..
Agreed. Regards, Jess. -- Jess Kitchen ^ burstfire.net[works] _$ | www.burstfire.net.uk
On 29.01 15:36, Jess Kitchen wrote:
http://www.root-servers.org/ seems to only have news on I's ASN change, no mention of B or J or the anycast F/K/I's ... methinks this info should have a home on this site..
If you folow the link from this site to http://k.root-servers.org/ you will find info about K's anycast instances. We will add them to the table too, just for completeness. Daniel
Well the answer is yes it changed a little while ago, having searched for a link to post I cant find one, thats bad..
http://www.root-servers.org/ seems to only have news on I's ASN change, no mention of B or J or the anycast F/K/I's ... methinks this info should have a home on this site..
why this site?
Steve
On Fri, 30 Jan 2004, Mr. James W. Laferriere wrote:
Hello All , Hmmm , watching this thread & having acquired the new cache ile I did a diff on it & noticed that 'J' was changed as well (compared to MY cache file) . Did 'J' change sometime in the near past that I missed ? Tia , JimL ie:
-B.ROOT-SERVERS.NET. 3600000 A 128.9.0.107 +B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
-J.ROOT-SERVERS.NET. 3600000 A 198.41.0.10 +J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
On Thu, 29 Jan 2004, Joe Abley wrote:
On 29 Jan 2004, at 05:46, Randy Bush wrote:
excuse me. this should be in a message from the iana signed with iana's pgp key
ftp://ftp.internic.net/domain/INTERNIC_ROOT_ZONE.signatures
(I agree, though, that a signed announcement from the proper authority would have been nice)
Joe
On Thu, Jan 29, 2004 at 10:44:42PM -0800, bill <bmanning@karoshi.com> wrote a message of 54 lines which said:
http://www.root-servers.org/ seems to only have news on I's ASN change, no mention of B or J or the anycast F/K/I's ... methinks this info should have a home on this site..
why this site?
Which site do you suggest?
On Thu, Jan 29, 2004 at 10:44:42PM -0800, bill <bmanning@karoshi.com> wrote a message of 54 lines which said:
http://www.root-servers.org/ seems to only have news on I's ASN change, no mention of B or J or the anycast F/K/I's ... methinks this info should have a home on this site..
why this site?
Which site do you suggest?
the rssac site comes to mind, or B might put up a public site. but you did not answer my question. --bill
On Thu, 29 Jan 2004, bill wrote:
Well the answer is yes it changed a little while ago, having searched for a link to post I cant find one, thats bad..
http://www.root-servers.org/ seems to only have news on I's ASN change, no mention of B or J or the anycast F/K/I's ... methinks this info should have a home on this site..
why this site?
I wanted info on root servers, root-servers.org seemed a good place, icann and iana were my second tries, then google, then i gave up.. someone mentioned k.root-servers.org, okay i didnt think to try that but i'd say the summary info and changes could be on www. otherwise i'm going to get bored checking 13 sites Steve
Steve
On Fri, 30 Jan 2004, Mr. James W. Laferriere wrote:
Hello All , Hmmm , watching this thread & having acquired the new cache ile I did a diff on it & noticed that 'J' was changed as well (compared to MY cache file) . Did 'J' change sometime in the near past that I missed ? Tia , JimL ie:
-B.ROOT-SERVERS.NET. 3600000 A 128.9.0.107 +B.ROOT-SERVERS.NET. 3600000 A 192.228.79.201
-J.ROOT-SERVERS.NET. 3600000 A 198.41.0.10 +J.ROOT-SERVERS.NET. 3600000 A 192.58.128.30
On Thu, 29 Jan 2004, Joe Abley wrote:
On 29 Jan 2004, at 05:46, Randy Bush wrote:
excuse me. this should be in a message from the iana signed with iana's pgp key
ftp://ftp.internic.net/domain/INTERNIC_ROOT_ZONE.signatures
(I agree, though, that a signed announcement from the proper authority would have been nice)
Joe
On Wed, Jan 28, 2004 at 09:19:43PM -0500, Coppola, Brian <bcoppola@verisign.com> wrote a message of 22 lines which said:
In preparation for tomorrow morning's B-root IP change from 128.9.0.107 to 192.228.79.201
I notice trouble to reach the new server from many places. Here a machine connected by Global Crossing: master:~ % dig @192.228.79.201 SOA . ; <<>> DiG 9.2.1 <<>> @192.228.79.201 SOA . ;; global options: printcmd ;; connection timed out; no servers could be reached
From other places, it works. I cannot find a common pattern.
When it fails, the traceroute looks like (here from 146.82.138.7): master:~ % traceroute 192.228.79.201 traceroute to 192.228.79.201 (192.228.79.201), 30 hops max, 38 byte packets 1 mauser.brainfood.com (146.82.138.1) 0.232 ms 0.165 ms 0.121 ms 2 146.82.136.53 (146.82.136.53) 0.514 ms 0.478 ms 0.450 ms 3 146.82.136.9 (146.82.136.9) 0.422 ms 0.388 ms 0.368 ms 4 332.ge12-0.mpr1.dfw2.us.above.net (209.133.66.58) 0.828 ms 0.857 ms 1.162 ms 5 so-3-0-0.cr2.dfw2.us.above.net (216.200.127.217) 1.001 ms 0.990 ms 0.943 ms 6 pos3-0.er1.atl4.us.above.net (216.200.127.225) 18.004 ms 17.945 ms 17.921 ms 7 pos14-0.pr1.atl4.us.above.net (64.125.30.242) 18.015 ms 17.985 ms 17.954 ms 8 so-1-3.hsa2.Atlanta1.Level3.net (209.0.227.161) 18.123 ms 18.006 ms 17.997 ms 9 ge-6-2-1.bbr1.Atlanta1.Level3.net (64.159.3.73) 18.341 ms 18.142 ms 18.224 ms 10 so-3-0-0.mpls1.Tustin1.Level3.net (209.247.8.121) 53.037 ms 52.893 ms 53.471 ms 11 so-9-0.hsa1.Tustin1.Level3.net (209.244.27.174) 52.944 ms so-10-0.hsa1.Tustin1.Level3.net (209.244.27.154) 52.913 ms so-9-0.hsa1.Tustin1.Level3.net (209.244.27.174) 52.884 ms 12 * * * 13 130.152.181.66 (130.152.181.66) 63.972 ms 65.680 ms 63.889 ms 14 * * * 15 * * * When it succeeds, I get (here from 66.93.172.18): voltaire:~ % traceroute 192.228.79.201 traceroute to 192.228.79.201 (192.228.79.201), 30 hops max, 38 byte packets 1 dsl093-172-001.pit1.dsl.speakeasy.net (66.93.172.1) 386.978 ms 59.405 ms 125.981 ms 2 border1.g4-3.speakeasy-40.wdc.pnap.net (63.251.83.187) 164.026 ms 306.738 ms 548.859 ms 3 core2.ge3-1-bbnet2.wdc002.pnap.net (216.52.127.72) 33.304 ms 242.007 ms 184.611 ms 4 ge-5-1-181.ipcolo1.Washington1.Level3.net (63.210.59.237) 78.556 ms 464.994 ms 357.447 ms 5 ae-0-56.bbr2.Washington1.Level3.net (64.159.18.162) 252.687 ms 518.383 ms 402.284 ms 6 so-3-0-0.mpls1.Tustin1.Level3.net (209.247.8.121) 631.193 ms 485.623 ms 500.692 ms 7 so-9-0.hsa1.Tustin1.Level3.net (209.244.27.174) 460.843 ms 259.303 ms 339.851 ms 8 67.30.130.66 (67.30.130.66) 305.469 ms 312.075 ms 341.656 ms 9 130.152.181.66 (130.152.181.66) 373.986 ms 499.069 ms 518.800 ms 10 b.root-servers.net (192.228.79.201) 461.216 ms 448.530 ms 488.763 ms So, apparently, 67.30.130.66 does not know how to reply to many places. IP addresses which have the problem: 192.134.4.152, 146.82.138.7, 194.117.194.82, 62.23.209.250.
participants (14)
-
bill -
bill -
Coppola, Brian -
Daniel Karrenberg -
Donovan Hill -
Hank Nussbacher -
Jess Kitchen -
Joe Abley -
Mr. James W. Laferriere -
Randy Bush -
Ray Plzak -
Sean Donelan -
Stephane Bortzmeyer -
Stephen J. Wilcox