Root-Servers

Has been a while since I checked the status of root servers which are hosted at NIXI. The list as per their official member list stays the same i.e i root in Mumbai, K root in Noida and F root in Chennai. 

i root seems to be up!

show ip bgp neighbors 218.100.48.75 received-routes
       There are 5 received routes from neighbor 218.100.48.75
Searching for matching routes, use ^C to quit...
Status A:AGGREGATE B:BEST b:NOT-INSTALLED-BEST C:CONFED_EBGP D:DAMPED
       E:EBGP H:HISTORY I:IBGP L:LOCAL M:MULTIPATH m:NOT-INSTALLED-MULTIPATH
       S:SUPPRESSED F:FILTERED s:STALE
       Prefix             Next Hop        MED        LocPrf     Weight Status
1      192.36.148.0/24    218.100.48.75   0          100        0      BE
         AS_PATH: 8674 29216
2      194.58.198.0/24    218.100.48.75   0          100        0      BE
         AS_PATH: 8674 56908
3      194.58.199.0/24    218.100.48.75   0          100        0      BE
         AS_PATH: 8674 56908
4      194.146.106.0/24   218.100.48.75   0          100        0      BE
         AS_PATH: 8674
5      194.146.107.0/24   218.100.48.75   0          100        0      BE
         AS_PATH: 8674

Talking about root DNS server’s anycast at APNIC42. YouTube here.

I just presented data on Performance of Root DNS anycast in UK & Ireland at INEX meeting.

There seems be an ongoing route leak by AS49505 (Selectel, Russia) for K root server.

K root server’s IP: 193.0.14.129
Origin Network: AS25152  

Here’s trace from Airtel Looking Glass, Delhi PoP

Mon Oct 26 16:21:18 GMT+05:30 2015
traceroute 193.0.14.129
Mon Oct 26 16:21:22.053 IST
Type escape sequence to abort.
Tracing the route to 193.0.14.129
 1   \*
    203.101.95.146 19 msec  4 msec
 2  182.79.224.73 14 msec  3 msec  1 msec
 3  14.141.116.89.static-Delhi.vsnl.net.in (14.141.116.89) 7 msec  3 msec  2 msec
 4  172.23.183.134 26 msec  45 msec  26 msec
 5  ix-0-100.tcore1.MLV-Mumbai.as6453.net (180.87.38.5) 151 msec  153 msec  152 msec
 6  if-9-5.tcore1.WYN-Marseille.as6453.net (80.231.217.17) \[MPLS: Label 383489 Exp 0\] 160 msec  163 msec  155 msec
 7  if-2-2.tcore2.WYN-Marseille.as6453.net (80.231.217.2) \[MPLS: Label 595426 Exp 0\] 161 msec  162 msec  162 msec
 8  if-7-2.tcore2.FNM-Frankfurt.as6453.net (80.231.200.78) \[MPLS: Label 399436 Exp 0\] 149 msec  151 msec  155 msec
 9  if-12-2.tcore1.FNM-Frankfurt.as6453.net (195.219.87.2) 164 msec  163 msec  159 msec
 10 195.219.156.146 153 msec  151 msec  160 msec
 11 spb03.transtelecom.net (188.43.1.226) 190 msec  192 msec  189 msec
 12 Selectel-gw.transtelecom.net (188.43.1.225) 185 msec  185 msec  185 msec
 13 k.root-servers.net (193.0.14.129) 183 msec  204 msec  196 msec
RP/0/8/CPU0:DEL-ISP-MPL-ACC-RTR-9#

The routing information (show route 193.0.14.129 output) from their looking glass doesn’t seems useful since it shows that it’s learning K root Noida route via NIXI. This is likely because routing information is different from actual forwarding information in that device. So the trace looks extremely weird. It’s leading traffic to K root which does has anycast instance in Noida, landing into Russia!   Why is that happening? Let’s look at what Tata Communications (AS6453) routing table has for K root’s prefix. I am looking at feed of AS6453 which it’s putting into RIPE RIS RRC 03 collector.

Enjoyed ISC’s presentation about their analysis of F root server (one 13 root DNS servers which power the Internet) about anycast performance gloablly for 192.5.5.0/24 announced (and anycasted) by AS3557 (ISC). This was presentation at UKNOF 32.

Embedded presentation below (or click here to watch on YouTube directly)

K root in Noida seems to be not getting enough traffic from quite sometime and connectivity does seems bit broken. This is a blog post following up to Dyn’s excellent and detailed post about how TIC leaked the world famous 193.0.14.0/24 address space used by AS25152. It was good to read this post from RIPE NCC written by my friend Emile (and thanks to him for crediting me to signal about traffic hitting outside!)  

Super dull time here. No classes going on due to “TCS Placement session” at college and this makes me to sit in my room most of time of my day. 

Yesterday I tested connectivity to all 13 Global Root DNS Servers and found i root was giving issue.

Here’s a my yesterday’s traceroute to i root: 

traceroute to i.root-servers.net. (192.36.148.17), 30 hops max, 60 byte packets
1 router.local (10.0.0.1) 1.470 ms 1.965 ms 2.452 ms
2 117.200.48.1 (117.200.48.1) 26.030 ms 28.857 ms 31.243 ms
3 218.248.173.46 (218.248.173.46) 34.673 ms 37.091 ms 41.025 ms
4 218.248.246.130 (218.248.246.130) 72.853 ms 75.272 ms 77.959 ms
5 * * *
6 * * *

Since i root is another root server hosted within India by NIXI, I was quite sure this was issue again due to NIXI’s regional route enforcement policy along with missing transit link on i root. You can see my last blog post about same issue with F root here.

Time for a quick followup blog post. On 26th April of this year I blogged about broken connectivity of F root server which was hosted in NIXI Chennai. Apart from that blog post, I did informed ISC which operates F root (NIXI was host on behalf of them in India). In my open email on APNIC mailing list, I got a reply from Network Operations Center of ISC that they will verify and will take necessary action. Within 48 hours of that email they figured out root cause and since they couldn’t fix it right at that point, they pulled plug off from that root server.

In last few days, I have been pushing discussion on APNIC & NANOG mailing lists about poor DNS infrastructure in India.

Thought to put a quick blog post on the issue.

So what’s exactly wrong?

To understand what’s wrong, let’s understand how DNS works at core level. DNS relies on a hierarchy model with . (dot) on top which is Root and TLD i.e Top Level Domains below Root, which further  follow 2nd level domains which are popularly domain names we use. So e.g mail.google.com is actually like

Today I was showing a good friend - how root servers are working and how they are connected. I was explaining him anycasting and gave example of k-root node which is hosted in Delhi by niXi i.e National Internet Exchange of India. I was totally stunned to find traceroute result to anycasting based block of k-root-node hosted in Delhi from my BSNL connection. Checkout traceroute here.

It seems like BSNL has gone totally wild in listening to announcements for 193.0.14.0/23 via ASN 25152 which is of  RIPE-NCC-K-ROOT nodes.