DNS: RFC Compliance and Bunny Hops.

DNS: RFC Compliance and Bunny Hops.

From: Adam Todd <at§ah.net>
Date: Thu, 02 Apr 1998 12:12:43 +1000
>> Hmm, last time I looked The servers I sponsor for AURSC and those sponsored
>> by other members conformed to RFC 2010.  Must be REAL root servers.
>
>Bzzzt. Wrong.
>
>See below for a list of things where your servers break this RFC. This is
>just from a quick look through - I'm sure there's probably more if I could
>be bothered looking.

>------------------------------------------------------------
>Indented bits are from the fabled RFC 2010, non-indented are my

Scott - fabled means "ficticious, does not exist in reality."  I guess your
saying the RFC is not real?  Yet you seem to support it as much as I do. Hmm?

>comments/observations of rs{1,2,3}.aursc.ah.net.
>
>   2.3. Dedicated host.  A name server host should have no other
>   function, and no login accounts other than for system or network
>   administrators.  No other network protocols should be served by a
>   name server host (e.g., SMTP, NNTP, FTP, et al).  If login is
>   permitted from other than the system console, then the login service
>   must be by encrypted channel (e.g., Kerberized and encrypted
>   rlogin/telnet, the secure shell (SSH), or an equivilent).
>
>
>marvin:~$ telnet rs3.aursc.ah.net. 25
>Trying 203.29.72.14...
>Connected to rs3.aursc.ah.net.
>Escape character is '^]'.
>220 jupiter ESMTP Sendmail 8.8.7/8.8.7; Thu, 2 Apr 1998 12:44:18 +1000
>quit
>221 jupiter closing connection
>Connection closed by foreign host.

That's interesting. I'll be checking on that today.  It has been fixed. An
oversight, totally my fault I didn't check the server completely.  I just
installed the RS fucntions.

>marvin:~$ telnet rs2.aursc.ah.net. 80
>Trying 203.21.205.3...
>Connected to rs2.aursc.ah.net.
>Escape character is '^]'.
>HEAD / HTTP/1.0
>
>HTTP/1.0 200 OK
>Date: Wed, 01 Apr 1998 23:30:58 GMT
>Server: Apache/1.1.3
>Content-type: text/html
>Content-length: 416
>Last-modified: Wed, 03 Jul 1996 06:18:16 GMT

Your truely convinced it's running on that machine?  I see.

You have no idea what happens when data enters our router.  It could be
redirected for all you know.  Anyway I've turned the redirector off as it's
misleading and serve no purpose - at least not right now.

>   2.6. Physical environment.  A name server host must be located in a
>   secure space such as a locked computer room or a data center with
>
>I can't see redundant links to rs1.aursc.ah.net or rs2.aursc.ah.net.

Funny, I can see three.  I guess you know everything.

>   2.12. Recursion shall be disabled for queries.
>
>Not so for rs3.aursc.ah.net.

Thanks for that notice Scott, I was aware of this.  Recusion was being
experimented to see if it improved performance.  The server was only
allowed to fetch data from an AHNET DNS Server, but it did nothing of value
during the experimentation period so was forgotten, this has been rectified.

>   3.1. Host population.  A server's location on the network should be
>   such that it has a low IP hop count to a high number of end hosts.
>   Duplication of service should be avoided, such that any given set of
>   end hosts needs to have a low IP hop count to at most one authority
>   server for any given zone.
>
>traceroute to rs1.aursc.ah.net (203.21.205.2), 30 hops max, 40 byte packets
>[...]
> 6  amaze1.lnk.telstra.net (139.130.33.6)  149.503 ms  144.59 ms  139.551 ms
> 7  rs1.aursc.ah.net (203.21.205.2)  139.617 ms  135.321 ms  129.415 ms
>
>traceroute to rs2.aursc.ah.net (203.21.205.3), 30 hops max, 40 byte packets
>[...]
> 6  amaze1.lnk.telstra.net (139.130.33.6)  210.112 ms  134.291 ms  129.446 ms
> 7  rs2.aursc.ah.net (203.21.205.3)  139.598 ms  165.017 ms  149.676 ms

Hmm, what happens if you trace to the following:

A.ROOT-SERVER.NET
B.ROOT-SERVER.NET
C.ROOT-SERVER.NET

More than 7 hops huh?  Shucks, what can I say, I guess AURSC is more
qualified than what you call the "real" root servers.

Thanks for pointing out the "real" root servers (as you call them) break
RFC 2010 protocol.

Thanks for taking the time to help us ensure AURSC servers meet the minimum
requirements.  We appreciate your help.

We also welcome your intended us of the servers, as clealy they are much
closer to you than the IANA root servers and I'm sure perforamnce will be
greating in such case.  A lower hop count has to give some benefit.  Appart
from the fact that AURSC servers are only 139 ms average away from you and
the US based serversa re in excess of 300 ms.

:)

Yet another point proven thanks to the help of the Public.
Received on Thu Apr 02 1998 - 13:36:44 UTC

This archive was generated by hypermail 2.3.0 : Sat Sep 09 2017 - 22:00:03 UTC