[sdnog] DNS root server in Sudan

Hiba Eltigani higba6 at gmail.com
Tue Feb 17 20:45:05 SAST 2015 

Hello SdNOG
       So, two months after last communication and we have new root server
in SUDAN; "D" server. Thanks to PCH with help of SudRen. Now I think it is
good time to test if we are really using them with help of Nishal e-mail
below. As end users, we can test if we are getting the "supposed"closest
root DNS or not. As pointed before we can check the server using query like
( dig id.server @e.root-servers.net ch txt). My machine is showing below
results, please check yours. Also, it will help if ISPs can show if their
DNSs are now choosing the servers in Sudan or not.

C:\>nslookup
Default Server:  UnKnown
Address:  10.0.0.44

>  set type=TXT
> set class=CHAOS
> HOSTNAME.BIND 192.203.230.10
Server:  [192.203.230.10]
Address:  192.203.230.10

Non-authoritative answer:
HOSTNAME.BIND   text =

        "1.1.e.krt.pch.net"
> HOSTNAME.BIND e.root-servers.net
Server:  e.root-servers.net
Address:  192.203.230.10

Non-authoritative answer:
HOSTNAME.BIND   text =

        "1.1.e.krt.pch.net"

PS: If you are getting different results, may be it is time to talk to your
ISP ;).

BR

On 15 December 2014 at 12:42, Nishal Goburdhan <nishal at controlfreak.co.za>
wrote:

> On 14 Dec 2014, at 23:47, Hiba Eltigani <higba6 at gmail.com> wrote:
> >
> > Salam,,,,
> >     I am not sure if you heard or not but there is a DNS root server
> currently resides in SIXP thanks to PCH, Nishal and SudRen :). The server
> is "e.root-servers.net" and it should mean faster queries and more
> resilience in case of submarine cables cuts. So, through techniques of
> anycast we should be able to use this nearby copy instead of going all the
> way to Europe. I have tried to find out the order in which my PC will query
> root servers and it turns out to be from A to M. So now, how can I
> guarantee that my corporate DNS which is most probably based on BIND will
> query the e root server first that is currently with short distant? Should
> I change the order in the root servers file or there is something I didn't
> pay attention to?
> > I appreciate your response.
>
> hi hiba,
>
> the short answer, is that you (or your ISP) don't need to change anything
> in your DNS setup to take advantage of this.  all that your ISP should do,
> is make sure that it is peering with the local anycast instance.  its DNS
> infrastructure, should then benefit by default.
> there are at least two parts to you question.
>
> how do i verify this?
> you can verify this, by using a few tools (as i explained during my
> anycast talk at sdNOG  :-))
> traceroute -should- show you the path that your ISP should take;  so
> that's a good place to start.  if you traceroute to this host, does it look
> like it is going over the IXP, and not overseas?   DNS names and latency
> should give you an indication of this....
> next, you can use the fairly standard dns utility called "dig"  and issue
> queries like:   dig id.server @e.root-servers.net ch txt
> doing that, from my home in JNB, shows me:  "e-02.jnb.pch.net" so that's
> a good guess that i'm getting to the instance in JNB.
> you should probably expect to see ***.KRT.*** in your answer.
> bear in mind that using "dig" is not an in-band answer;  remember my
> pointer to NSID (RFC5001) and RFC7108.  you can use the tips in there to
> verify this further.
>
> how does my ISP's name-server pick the appropriate root to use?
> BIND, and some derivatives, use a latency measurement to determine which
> authoritative server is closest, and then it queries what it thinks is the
> "closest" server.  this value is appropriated weighted, so that, over time
> (or for as long as the answer remains cached) different name-servers have a
> chance to be queried.
>
> of course, if you, or your ISP, have setup your name-server to use DNS
> resolvers that are outside your country (like, oh, say 8.8.8.8) then that
> host will likely -not- ever query the "local" root...
>
> hth,
> --n
> _______________________________________________
> Sdnog mailing list
> Sdnog at sdnog.sd
> http://lists.sdnog.sd/mailman/listinfo/sdnog
>



-- 
Always smile
 Hiba :-)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sdnog.sd/pipermail/sdnog/attachments/20150217/b67590eb/attachment.html>

More information about the sdnog mailing list