[afnog] Decreasing Access Time to Root Servers DNS by Running One on Loopback
Mark Tinka
mark.tinka at seacom.mu
Fri Nov 27 08:33:31 UTC 2015
On 27/Nov/15 10:14, Nishal Goburdhan wrote:
>
> yes, but the situation can always be made better. for example, over
> the past 18-odd months, there’s been almost a node a month, installed
> in this region. but there’s still large parts of africa that’s not
> cross-border peered, or don’t have a local DNS root instance, and
> still those, who may be reliant on satellite, and fetching this data
> from the north. a more distributed root would benefit them.
No argument there.
One has to consider the potential added complexity of operating a local
root vs. mitigating the high latency associated with the regular roots;
notwithstanding opportunities for the presence of Anycast roots
in-country or in-region, of course.
>
>
>
> here’s an unscientific set of results, from the name-server at my home
> in jnb below. only 10 of these, are what i’d call desirable.
>
> nishal at admin:~ % dig +nssearch . | awk -F ' ' '{print $10, $11, $13}'
> server 192.5.5.241 13
> server 199.7.83.42 13
> server 199.7.91.13 14
> server 192.36.148.17 15
> server 192.203.230.10 15
> server 192.58.128.30 15
> server 2001:500:3::42 18
> server 2001:7fe::53 19
> server 2001:500:2f::f 20
> server 2001:500:2d::d 33
> server 193.0.14.129 181
> server 198.41.0.4 189
> server 2001:503:c27::2:30 193
> server 192.33.4.12 195
> server 2001:503:ba3e::2:30 194
> server 2001:500:2::c 199
> server 2001:dc3::35 203
> server 2001:7fd::1 203
> server 192.112.36.4 207
> server 202.12.27.33 216
> server 128.63.2.53 272
> server 2001:500:1::803f:235 291
> server 2001:500:84::b 328
> server 192.228.79.201 346
Barring satellite-based infrastructure, anything above 45ms would be
undesirable for me. This is based on the inherent infrastructure issues
plaguing Africa. In time, I expect my tolerance levels to wane.
While there are root name servers around Africa - and we have to applaud
those who have contributed (and continue to do so) to make this happen -
I agree that more work needs to be done in this area. While I would not
advise anyone against running their own local root, I'd say we continue
the effort in deploying more root name servers within Africa in as far
as that can help, as a parallel exercise.
Personally, I'm always concerned about hacks that could be easily
forgotten for various reasons, coming back to bite you later. But I do
understand the need for this particular hack, and aren't fundamentally
against it provided one employs due caution.
Mark.
More information about the afnog
mailing list