July 14, 2004

ICANN/IANA report on updating root servers

I notice that ICANN/IANA has published a new document titled IANA Administrative Procedure for Root Zone Name Server Delegation and Glue Data 

In general it is a sensible and reasonable document.

However I have concern about two aspects.

First is the following step in their procedure to validate a root zone file change:

4. Each of the servers in the request that is intended to become or remain part of the delegation is checked to be sure that the serial numbers and other information in the SOA (Start Of Authority) record match what is returned by the master (also known as primary) server for the domain. Experience shows that when these records do not match it is likely that there are other operational problems with the name server(s) that are not properly synchronized, especially when the unsynchronized server is intended to be added to the delegation.

DNS servers are not strictly synchronized, they are only very loosely coupled.  It is not uncommon for the servers handling a particular zone to be out of synchronization because one or more of the servers is simply a bit later (with "bit later" being measured in hours for thing like root servers and in days for zones deep in the DNS hierarchy.)

Just the other day we heard that Verisign will be updating .com several times a day; .org is already updated this way.  In addition to the loose coupling of servers for these zones.  The zone files for these are large and do not transfer from server to server in zero time.  Under these conditions the IANA step quoted above will more often than not find that this synchronization condition will not obtain.

This step in the processing of root zone updates should be relaxed a bit to allow for off-by-one non synchrony of servers.

Second, the report claims that "In one year the IANA staff will undertake a re-evaluation of the 512 byte limit.".  This is something for the IETF to handle and decide, not IANA.  I doubt that it will require a long winded working IETF working group, and the folks at IANA are, as always, free to participate.  But it is wrong for IANA to be making substantive decisions about matters this deep into protocols.

Posted by karl at July 14, 2004 11:34 AM