#rootservers — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #rootservers, aggregated by home.social.
-
At #ICANN, they currently discuss the rollover of a root KSK. They switch from an #RSA based key to an elliptic curve algorithm. From algorithm 8 to algorithm 13, a common observation in the past 2 or 3 years.
There will be a multi-year (~3 years) transition period in which both algorithms run in parallel.
Anyone want to read upon it, here is the proposal
-
At #ICANN, they currently discuss the rollover of a root KSK. They switch from an #RSA based key to an elliptic curve algorithm. From algorithm 8 to algorithm 13, a common observation in the past 2 or 3 years.
There will be a multi-year (~3 years) transition period in which both algorithms run in parallel.
Anyone want to read upon it, here is the proposal
-
At #ICANN, they currently discuss the rollover of a root KSK. They switch from an #RSA based key to an elliptic curve algorithm. From algorithm 8 to algorithm 13, a common observation in the past 2 or 3 years.
There will be a multi-year (~3 years) transition period in which both algorithms run in parallel.
Anyone want to read upon it, here is the proposal
-
At #ICANN, they currently discuss the rollover of a root KSK. They switch from an #RSA based key to an elliptic curve algorithm. From algorithm 8 to algorithm 13, a common observation in the past 2 or 3 years.
There will be a multi-year (~3 years) transition period in which both algorithms run in parallel.
Anyone want to read upon it, here is the proposal
-
At #ICANN, they currently discuss the rollover of a root KSK. They switch from an #RSA based key to an elliptic curve algorithm. From algorithm 8 to algorithm 13, a common observation in the past 2 or 3 years.
There will be a multi-year (~3 years) transition period in which both algorithms run in parallel.
Anyone want to read upon it, here is the proposal
-
Exploring some insights of the #DNS root servers, and I discovered this small bump of
NOTIMPrepsonse codes ofa.root-servers.net, operated by #Verisign. I checked other server instances with public statistics, and alsok.root-servers.net, operated by #RIPE observed an uptick inREFUSEDresponses at around that time.Does anyone have a clue what was going on last year shortly before the Christmas days?
-
Exploring some insights of the #DNS root servers, and I discovered this small bump of
NOTIMPrepsonse codes ofa.root-servers.net, operated by #Verisign. I checked other server instances with public statistics, and alsok.root-servers.net, operated by #RIPE observed an uptick inREFUSEDresponses at around that time.Does anyone have a clue what was going on last year shortly before the Christmas days?
-
Exploring some insights of the #DNS root servers, and I discovered this small bump of
NOTIMPrepsonse codes ofa.root-servers.net, operated by #Verisign. I checked other server instances with public statistics, and alsok.root-servers.net, operated by #RIPE observed an uptick inREFUSEDresponses at around that time.Does anyone have a clue what was going on last year shortly before the Christmas days?
-
Exploring some insights of the #DNS root servers, and I discovered this small bump of
NOTIMPrepsonse codes ofa.root-servers.net, operated by #Verisign. I checked other server instances with public statistics, and alsok.root-servers.net, operated by #RIPE observed an uptick inREFUSEDresponses at around that time.Does anyone have a clue what was going on last year shortly before the Christmas days?
-
Exploring some insights of the #DNS root servers, and I discovered this small bump of
NOTIMPrepsonse codes ofa.root-servers.net, operated by #Verisign. I checked other server instances with public statistics, and alsok.root-servers.net, operated by #RIPE observed an uptick inREFUSEDresponses at around that time.Does anyone have a clue what was going on last year shortly before the Christmas days?
-
Just noticed this report of June 2025 root server's IPv4 prefix hijack for 8/13 of the root server operators https://root-servers.org/media/news/2025-06-20_route_hijack.pdf
-
Just noticed this report of June 2025 root server's IPv4 prefix hijack for 8/13 of the root server operators https://root-servers.org/media/news/2025-06-20_route_hijack.pdf
-
Just noticed this report of June 2025 root server's IPv4 prefix hijack for 8/13 of the root server operators https://root-servers.org/media/news/2025-06-20_route_hijack.pdf
-
Just noticed this report of June 2025 root server's IPv4 prefix hijack for 8/13 of the root server operators https://root-servers.org/media/news/2025-06-20_route_hijack.pdf
-
Just noticed this report of June 2025 root server's IPv4 prefix hijack for 8/13 of the root server operators https://root-servers.org/media/news/2025-06-20_route_hijack.pdf
-
Do not read this as criticism of #ipinfo, but I am surprised to see that the
b,i,k,landm#DNS root servers have the "privacy" flag set, meaning the IPs attempted to "hide" themselves. IPInfo suggests methods such as #VPN services. I doubt that.Also, all 13 root server IPs are flagged as #anycast. I thought, there are still ~some~ servers not yet anycasted, but Wikipedia confirms otherwise. Well, well, well...
-
Do not read this as criticism of #ipinfo, but I am surprised to see that the
b,i,k,landm#DNS root servers have the "privacy" flag set, meaning the IPs attempted to "hide" themselves. IPInfo suggests methods such as #VPN services. I doubt that.Also, all 13 root server IPs are flagged as #anycast. I thought, there are still ~some~ servers not yet anycasted, but Wikipedia confirms otherwise. Well, well, well...
-
Do not read this as criticism of #ipinfo, but I am surprised to see that the
b,i,k,landm#DNS root servers have the "privacy" flag set, meaning the IPs attempted to "hide" themselves. IPInfo suggests methods such as #VPN services. I doubt that.Also, all 13 root server IPs are flagged as #anycast. I thought, there are still ~some~ servers not yet anycasted, but Wikipedia confirms otherwise. Well, well, well...
-
Do not read this as criticism of #ipinfo, but I am surprised to see that the
b,i,k,landm#DNS root servers have the "privacy" flag set, meaning the IPs attempted to "hide" themselves. IPInfo suggests methods such as #VPN services. I doubt that.Also, all 13 root server IPs are flagged as #anycast. I thought, there are still ~some~ servers not yet anycasted, but Wikipedia confirms otherwise. Well, well, well...
-
Do not read this as criticism of #ipinfo, but I am surprised to see that the
b,i,k,landm#DNS root servers have the "privacy" flag set, meaning the IPs attempted to "hide" themselves. IPInfo suggests methods such as #VPN services. I doubt that.Also, all 13 root server IPs are flagged as #anycast. I thought, there are still ~some~ servers not yet anycasted, but Wikipedia confirms otherwise. Well, well, well...
-
This one is a pretty long read, and it goes into details of observed #NXDOMAIN patterns with a bias towards the #DNS landscape in #China. I did not expect to see so much leakage of non-public TLDs, but I guess that - despite the bias towards Chinese networks- it probably looks similar in other parts of the world.
After reading this pretty long article, I was still somewhat feeling that it should have gone deeper into query flood phenomena which might cause spikes in NXDOMAIN responses.
No matter what, a well-spent 10 minutes on educating yourself on things that are often not illuminated on one of the #Internet core protocols.
Have a nice weekend, everyone!
-
This one is a pretty long read, and it goes into details of observed #NXDOMAIN patterns with a bias towards the #DNS landscape in #China. I did not expect to see so much leakage of non-public TLDs, but I guess that - despite the bias towards Chinese networks- it probably looks similar in other parts of the world.
After reading this pretty long article, I was still somewhat feeling that it should have gone deeper into query flood phenomena which might cause spikes in NXDOMAIN responses.
No matter what, a well-spent 10 minutes on educating yourself on things that are often not illuminated on one of the #Internet core protocols.
Have a nice weekend, everyone!
-
This one is a pretty long read, and it goes into details of observed #NXDOMAIN patterns with a bias towards the #DNS landscape in #China. I did not expect to see so much leakage of non-public TLDs, but I guess that - despite the bias towards Chinese networks- it probably looks similar in other parts of the world.
After reading this pretty long article, I was still somewhat feeling that it should have gone deeper into query flood phenomena which might cause spikes in NXDOMAIN responses.
No matter what, a well-spent 10 minutes on educating yourself on things that are often not illuminated on one of the #Internet core protocols.
Have a nice weekend, everyone!
-
This one is a pretty long read, and it goes into details of observed #NXDOMAIN patterns with a bias towards the #DNS landscape in #China. I did not expect to see so much leakage of non-public TLDs, but I guess that - despite the bias towards Chinese networks- it probably looks similar in other parts of the world.
After reading this pretty long article, I was still somewhat feeling that it should have gone deeper into query flood phenomena which might cause spikes in NXDOMAIN responses.
No matter what, a well-spent 10 minutes on educating yourself on things that are often not illuminated on one of the #Internet core protocols.
Have a nice weekend, everyone!
-
This one is a pretty long read, and it goes into details of observed #NXDOMAIN patterns with a bias towards the #DNS landscape in #China. I did not expect to see so much leakage of non-public TLDs, but I guess that - despite the bias towards Chinese networks- it probably looks similar in other parts of the world.
After reading this pretty long article, I was still somewhat feeling that it should have gone deeper into query flood phenomena which might cause spikes in NXDOMAIN responses.
No matter what, a well-spent 10 minutes on educating yourself on things that are often not illuminated on one of the #Internet core protocols.
Have a nice weekend, everyone!
-
Amongst all root servers instances in India, seems like F-Root server by @iscdotorg has most locations, in total 15 locations. All major cities are covered.
See https://root-servers.org/ (scroll down and click F) to see locations.
-
Amongst all root servers instances in India, seems like F-Root server by @iscdotorg has most locations, in total 15 locations. All major cities are covered.
See https://root-servers.org/ (scroll down and click F) to see locations.
-
Amongst all root servers instances in India, seems like F-Root server by @iscdotorg has most locations, in total 15 locations. All major cities are covered.
See https://root-servers.org/ (scroll down and click F) to see locations.
-
Amongst all root servers instances in India, seems like F-Root server by @iscdotorg has most locations, in total 15 locations. All major cities are covered.
See https://root-servers.org/ (scroll down and click F) to see locations.
-
Amongst all root servers instances in India, seems like F-Root server by @iscdotorg has most locations, in total 15 locations. All major cities are covered.
See https://root-servers.org/ (scroll down and click F) to see locations.
-
M Root Server live in NIXI Mumbai now - https://m.root-servers.org/. A local site though.
-
M Root Server live in NIXI Mumbai now - https://m.root-servers.org/. A local site though.
-
M Root Server live in NIXI Mumbai now - https://m.root-servers.org/. A local site though.
-
M Root Server live in NIXI Mumbai now - https://m.root-servers.org/. A local site though.
-
M Root Server live in NIXI Mumbai now - https://m.root-servers.org/. A local site though.
-
DNS glitch that threatened Internet stability fixed; cause remains unclear - Enlarge
For more than four days, a server at the very core of... - https://arstechnica.com/?p=2026566 #domainnamesystem #rootservers #security #biz #dnssec #dns
-
DNS glitch that threatened Internet stability fixed; cause remains unclear - Enlarge
For more than four days, a server at the very core of... - https://arstechnica.com/?p=2026566 #domainnamesystem #rootservers #security #biz #dnssec #dns
-
DNS glitch that threatened Internet stability fixed; cause remains unclear - Enlarge
For more than four days, a server at the very core of... - https://arstechnica.com/?p=2026566 #domainnamesystem #rootservers #security #biz #dnssec #dns
-
DNS glitch that threatened Internet stability fixed; cause remains unclear - Enlarge
For more than four days, a server at the very core of... - https://arstechnica.com/?p=2026566 #domainnamesystem #rootservers #security #biz #dnssec #dns
-
DNS glitch that threatened Internet stability fixed; cause remains unclear - Enlarge
For more than four days, a server at the very core of... - https://arstechnica.com/?p=2026566 #domainnamesystem #rootservers #security #biz #dnssec #dns
-
Ever wondered why 13 is such an oddly specific number for #DNS #rootservers? Turns out that you could at most cram 13 domain names and their corresponding #IPv4 addresses in a non-truncated #UDP response. As soon as DNS truncates, the resolver falls back to #TCP. To avoid this additional performance impact and stress to the servers, the number is limited to 13.
-
Ever wondered why 13 is such an oddly specific number for #DNS #rootservers? Turns out that you could at most cram 13 domain names and their corresponding #IPv4 addresses in a non-truncated #UDP response. As soon as DNS truncates, the resolver falls back to #TCP. To avoid this additional performance impact and stress to the servers, the number is limited to 13.
-
Ever wondered why 13 is such an oddly specific number for #DNS #rootservers? Turns out that you could at most cram 13 domain names and their corresponding #IPv4 addresses in a non-truncated #UDP response. As soon as DNS truncates, the resolver falls back to #TCP. To avoid this additional performance impact and stress to the servers, the number is limited to 13.
-
Ever wondered why 13 is such an oddly specific number for #DNS #rootservers? Turns out that you could at most cram 13 domain names and their corresponding #IPv4 addresses in a non-truncated #UDP response. As soon as DNS truncates, the resolver falls back to #TCP. To avoid this additional performance impact and stress to the servers, the number is limited to 13.
-
« Detecting DNS Root Manipulation » by RIPE labs
https://labs.ripe.net/author/qasim-lone/detecting-dns-root-manipulation/
-
« Detecting DNS Root Manipulation » by RIPE labs
https://labs.ripe.net/author/qasim-lone/detecting-dns-root-manipulation/
-
« Detecting DNS Root Manipulation » by RIPE labs
https://labs.ripe.net/author/qasim-lone/detecting-dns-root-manipulation/
-
« Detecting DNS Root Manipulation » by RIPE labs
https://labs.ripe.net/author/qasim-lone/detecting-dns-root-manipulation/
-
« Detecting DNS Root Manipulation » by RIPE labs
https://labs.ripe.net/author/qasim-lone/detecting-dns-root-manipulation/
-
B-root is renumbering, to increase the RIR diversity (and therefore also RPKI diversity) of root server IP addresses. Announcement here in Spanish: https://www.lacnic.net/6868/1/lacnic/lacnic-asigna-recursos-de-numeracion-al-servidor-raiz-de-usc_isi