North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Follow-up to "ROOT SERVERS"

  • From: Greg A. Woods
  • Date: Fri Aug 25 21:45:43 2000

[ On Friday, August 25, 2000 at 10:24:46 (-0400), Verd, Brad wrote: ]
> Subject: Follow-up to "ROOT SERVERS"
> NSI is modifying the current zone generation process to eliminate the
> existing small interval during which the com zone database file is not
> present on this nameserver.

I thought database researchers had solved this very problem decades ago.
I *know* that it's a trivial problem to solve in the most basic sense on
any modern Unix or unix-like system with the rename(2) system call, and
that call has also been widely available, and widely used, for many years.

Assuming the .COM zone database file is not created by named-xfer (if it
were then I'd expect from my cursory examination of the most recent code
that named would be doing the right thing to ensure there is absolutely
no window were the file does not exist), then I'm totally flabbergasted
that whomever is responsible for writing, and especially those
responsible for reviewing and approving, the zone file update process
made such a fundamental and critical implementation error -- one that
I'm sure even any competent CompSci student would be loathe to make!

Oddly enough your response does not indicate whether or not this
particular failure mode is related in any way to previous failures with
root and/or TLD servers.

>  Until then, NSI is manually querying the root
> zone to ensure no delegations have been automatically dropped. 

Now there's an indication of the real root of the problem (pardon the

If real-time 24x7 consistency checks haven't already been automated
*YEARS* ago by those responsible for root and TLD servers then
something's drastically wrong with the operation of the Internet!
Indeed I'd naively assumed that by now any problems with the most
critical servers would automatically be detected by redundant monitoring
and at minimum ring the pager or cell phone of at least one person!

Perhaps those of us who build such monitoring systems for far lesser
systems should just give up -- obviously our efforts are fruitless in
any more global failure....  Or do we all independently monitor all of
the critical third-party servers we rely upon, such as all of the root
and TLD servers, and then send you e-mail or page every time we spot an

							Greg A. Woods

+1 416 218-0098      VE3TCP      <[email protected]>      <robohack!woods>
Planix, Inc. <[email protected]>; Secrets of the Weird <[email protected]>