On 6/2/23 3:50 PM, Wes Hardaker wrote:
Robert Story <[email protected]> writes:
We are indeed testing with the new addresses, but it will not be
considered production until 2023-11-27. The addresses and/or routes
may have brief or extended outages, so I wouldn't recommend switching
anything ahead of our announced dates for the cut-over.
Robert is correct that we are operating it (and we made sure we were
before even announcing the upcoming change). I think there is a good
question as to whether or not we are supporting it fully now as a
"production" address, to which I can say: we have no intent to stop
advertising and supporting service to it from now on.
But, having said that, the announcement and expected change within the
official root zone distributed by IANA will be on 2023-11-27 per the
announcement and our agreement with IANA. We do not recommend anyone
switch their local root-hints files ahead of that date, as the result
will be a resolver that actually reverts back to our current production
date after receiving the priming query responses anyway (as only our
current addresses are in the root zone and root-servers.net zone today).
Wes,
I am 100% behind this effort to de-centralize the root server network
resources, and particularly excited that LACNIC has been chosen for this
important role. We've changed root server addresses in the past, and
while it hasn't happened in a while folks who haven't been through this
before should know that there is no reason to panic. :)
I am a little concerned about the plan for this change though, in the
sense that in the past when the new addresses were announced they were
fully operational, barring any unforeseen issues. So during the phase-in
period (usually a year in advance of the intended cutover) folks were
free to treat the new addresses as production, bake them into silicon,
etc. After the cutover date the old addresses continued to answer for a
year (or so), but folks were discouraged from continuing to use them.
I thought that Robert's announcement was clear, but I think that the
confusion is coming because Robert's plan didn't seem to line up with
"how we've always done it," which you've now confirmed.
I'm not saying that you need to change anything, but I think the safer
alternative would be starting ASAP to treat the new addresses as
production to the extent possible, since other people will do that
anyway. I also think that gives you a more realistic chance of making
sure that when the cutover actually happens that everything will work as
intended.
Just want to be clear that I am offering these comments solely in the
spirit of making sure that the project is ultimately successful.
hope this helps,
Doug
_______________________________________________
dns-operations mailing list
[email protected]
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
