Slashdot Mirror
Sun no Longer the "dot" in .com
An anonymous reader writes: "Sun's claim to fame, namely being the "dot" in .com in all their TV spots, has been snatched by IBM. Their E10000 which was serving as the A.Root server has been replaced by an IBM RS/6000 S80. " OK, it's not the most significant news, but it was just funny to see that title. ;)
...involving the phrase "Getting the dot, but missing the point."
I just can't think of it.
Damn.
"Do you expect me to talk?" "No, Mr. Bond. I expect you to die!"
(from the NANOG mailing list:)
Date: 14 Apr 2000 20:04:52 -0700
From: Sean Donelan
To: tomn@netsol.com
Cc: nanog@merit.edu
Subject: RE: NetSol screwing the pooch?
[snip]
I'm a bit concerned when I read about a plan to install identical
servers, with identical configurations, with identical software,
connected to identical routers also with identical software and
configurations, operated by a single human point of contact.
[snip]
- A.P.
--
"One World, one Web, one Program" - Microsoft promotional ad
"Remember when the U.S. had a drug problem, and then we declared a War On Drugs, and now you can't buy drugs anymore?"
Sun has been swapping processor boards on running systems for quite some time now. Designing a computer that can do this is _not_ an easy thing to do. The E10K is a second generation machine (the Cray CS6400 was the first generation). Dynamic Reconfiguration ("DR") requires all device drivers to be tested and stable during this operation. Memory has to be "drained" from the banks on the board being removed and processes have to be migrated off of the processors on the board being removed. The hardware on the system board has to support DR, the backplane has to support DR, the control board has to support DR, the operating system has to support DR, and the Service Processor has to control DR.
Again, _not_ easy. I do expect that IBM, given its extensive experience making mainframes, could definately provide this capability to a UNIX system if they put their minds to it. Heck, they put LPARS on the AS400.
BTW, the E10K has three times the system memory bandwidth of the S80. That is why IBM will never publish a Stream benchmark for the S80.
OK. So there were a few issues with the report.
:) the root servers that are based in universities and other educational environments more than I'd trust any closed source limited setup. Face it, those "educational" root servers are probably running BSD or Linux and are probably using the latest versions of bind without sh*te loads of other processes and probably are kept up to date. I wouldn't trust NSI further than I could throw them.
.com .uk etc. and is used as a last resort when local dns caches do not have the information to hand, or it is out of date. There are many other root servers, an article was written about this, but this whole thing is fscking boring and about as interesting as me buying a new PC."
1). NSI Registrar actually manages this, the "independent" part of NSI.
2). Nobody cares that NSI chose IBM over SUN as it's only one machine. You guys fuss like this machine is actually important when it's actually about as significant as my home PC. If it goes down things might become a little slower for uncached queries, but the vast majority of users won't notice any change - it's called DynamicNS for a reason fokes, stop fussing over one particular box.
3). NSI are being twerps choosing to standardise on certain stuff when in reality I'd trust (no Verisign pun intended
4). NSI do ___NOT___ maintain the domains for other countries. They may own the box that is A.root-servers.net but that only takes you from the "." to "com." or "uk." - the actual country dns's coupe with registrations - so NSI are trying to claim responsibility for something they know crap all about and that they don't own or run.
5). They articles are so badly written that they might as well have not been written at all.
In short:
"NSI today purchased a new box to replace A.root-servers.net, which used to be a SUN E10000 box. The "A" root server is responsible for resolving the top level '.' domain into subdomains such as
Jonathan.
--
oh-go-on-spam-me-spam@easypenguin.com
http://www.jonmasters.org/
Speculation:
Automatic lookups of domains in order to find out if they're free? Feeded by word databases which itself were built by semi-automatic "buzzword generators"?
Really, when the imac came out I would guess that 1 million domain-traders tried to catch everything from www.i-apple.com to www.i-zoo.com.
Well, the ArpaNET started on PDP-10s, no doubt about it.
But hadn't the world pretty much gone to Unix by the time the Internet began?
D
----
That and the shareholder meeting is this tuesday....don't forget to vote your proxy.
Vermifax
Vermifax
Logout
Really, thought the same time. We just priced a E5500 with only 4 processors and 2gig and a shitload of disk and the total was $180k.
If you have a Starfire fo $80k, let me in on where to pick one up!
Actually, the article says 24, not 4
Think outside the... Hey, where'd the friggin' box go?
*One* Server holds the master file? One Server to rule them all One Server to find them One Server to bring them all And in the DNS BIND them
Say hello to zMac.
One Server to rule them
One Server to find them
One Server to bring them
And in the DNS BIND them
Say hello to zMac.
I meant to write that it was product of the year primarily due to the different benchmarks it shattered (yeah, yeah - contrived benchmarks)... DB2, SAP, Oracle, all sorts of goodness.
I will now cease to rant, unless otherwise provoked 8^)
"It's tough to be bilingual when you get hit in the head."
Well for a brief summary, look here. Briefly summazrized: roughly the same horses with half the cost and 1/3 the processors.
--sugarman--
Plus better reliability, better service and a more sophisticated operating system.
That's all really.
Deleted
Looks like after that they've decided to change to the "doh" in
[drum hit]
Hotnutz.com - Funny
Random Person-"you mind if i get a coke?"
Me-"That's not any ordinary fridge. that's a.root!"
Random Person-"huh?"
that would be fun. but seriously, what do they do with the ex-servers? i mean, no matter if it is an E450 or the E10000 the article claimed, that's still some serious power. it's funny when technology you could never afford in a million years gets deemed obsolete. maybe i'll get a big alpha-200 server or something for cheap and pretend it's a.root. or something. isn't it great to be geek?
He's describing the behavior of the registry, not of the root-servers themselves... what gives?
The root servers run bind, and server out names. Period.
The registry facilities (internic, formerly) are on a totally different system.
Not four servers.. a four processor e450.
And a quad processor e450 running solaris will eat you for breakfast.
Some compaq servers? If it's a quad alpha.. yeah...
but you can't beat solaris.
I dig sun... I love sun..
but you know.. some sun salesmen REALLY piss me off. VERY pushy. The worst thing you can do with me is get pushy.
I was wondering when you ancients were going to show up and start setting things straight.
;)
Oh.. thanks
I'm not sure why you used the analogy you did. In the event of a natural disaster, a piece of Big Iron is just as fallible as a PC. Depends on the disaster. The S80 could probabbly fare pretty well in an earthquake. I remember an add DEC use to run about their "High Availability" VAX/VMS systems. A picture of a machine room after an earthquake. Machines that had ripped the bolts out of the racks and were on their sides. The HA VAX had it's disk lights going, even with part of the machine in a pool of water (I assume from some thing else's cooling). The S80 could have a lot of it's CPU and memory boards unseated (or destroyed) and should keep on chugging (it might have to auto-reboot). No PC's I know of would. Unless you count the old Sequents as PCs just because they use 80386s and 80486s. This makes me curious -- what would happen if the root A server got totalled? What gets failed over onto? If the primary fails the secondarys can still give answers (I think secondaries can even give authoritatave answers in most cases). The failure would have to last days before a Bad Thing (other then excess load) happened. Check your /etc/namedb/root.cache for details.
I am not a big fan of the old K systems, but the N class systems are pretty nice. We have a 6x440 CPU/16 GB system that screams, and they now go to 8x550/32 GB -- not bad for a "mid-range" server. The N machines have full hardware support for hot-swap components as well. Unfortunately, there is (as of yet) no software support for it at all (supposedly comming in 11.11, but as mentioned it will take at least a year to work right)
Everything I have seen and heard says the hardware is more reliable than anything Sun makes. Unfortunately, there are 6 times as many patches you have to apply to make the software run at all (all of them triggering an auto-reboot after install. Damn, Toto, I think we are in Windows again...)
Go Big Blue! (shameless plug).
Hey... they pay my salary, what can I say 8^)
"It's tough to be bilingual when you get hit in the head."
Insert "Big Blue Dot" jokes here.
(Odd, too -- Sun's E10K, or "Starfire" box, kicks ass. Copious amounts of ass. I'm surprised they switched.)
You cannot apply a technological solution to a sociological problem. (Edwards' Law)
Which - the lame Sun dot ads, or any of the lame IBM ads...
If they all stopped, or actually made sense (smelling a Thinkpad?!), I'd feel a lot better.
"It's tough to be bilingual when you get hit in the head."
Yup, I got suckered by the bug here too (corrected non-previewed post here). Seems this guy did too (and had to correct it as well). Just venting my (offtopic) frustration, that's all... ;-) (fingers crossed without preview...)
Say hello to zMac.
..how could I have been so mistaken =P
Could this be in any way the reason why the root server database has not updated for 2.5 days? Last updated 19-Apr-2000 22:22:07 EDT.
Assuming you can figure out where they all are form the IP addresses in the root.cache file, and traceroute, or other similar tools, and maybe a bit of social engenering, it shouldn't be any harder then any other 12 randomly selected machines. (i.e. you may get unlucky and some are in phone COs and you need to get into a somewhat secure area, or blow through a lot of concrete in the internal walls behing the office bilding facade).
That wouldn't take out "the Internet", just much of name service. It would suck a lot. As caches started timing out things would start to suck a lot more.
However there are unoffical secondaries (not listed), and I assume other backup sets of the data. "All" that would be required would be to set up another root server (or 12), and route the old root serve's machine's IP address to the new ones. Wait less then five minutes for routing to converge, and all is right with name service again. Regretabably the loss of life involved in "12 explosions" would be far harder to "correct".
Beats me how long it would take to fix. If there is a real drill for it, maybe under an hour. If there is no drill for it, it could be much longer since the "12 explosions" probbably will cause lots of confusion.
The root servers are root-servers.net, so IBM can be called the dot in .net and Sun can still claim to be the dot in .com.
I felt someone had to stand up for AIX, cause well, it got me a job at one point, and you're the only one who will! `8r) but I still say I was dead on about the 'smit' crack. heh
As far as the a brand new IBM box beating a Solaris box.... that's not bad for a box that first started shipping in March 1997. It just got leapfrogged 3 years later for some odd reason... `8r)
--
Gonzo Granzeau
Gonzo Granzeau
"Nothing the god of biomechanics wouldn't let you into heaven for.." -Roy Batty
the dot shortage may quickly become unbearable...
TO BUY A NEW CAR WOULD MAKE YOU SEXUALLY ATTRACTIVE.
That may be true of McNealy, but look at some of the other Sun heavyweights like Bill Joy! This guy wrote vi and BSD networking for goodness sake!
--hunter
RateVegas.com - Vegas Reviews
Here's the real info:
The A root name server has doubled transaction growth in the past quarter to over 5000 queries per second with peaks up to 8000 queries per second.
Which comes out to ~430 million queries/day - as the article states...
Though several other sources seem to agree - it was a E10K...
"It's tough to be bilingual when you get hit in the head."
I'm not sure why you used the analogy you did. In the event of a natural disaster, a piece of Big Iron is just as fallible as a PC.
Which is one reason IBM sells clustering solutions for just about everything they make.
This makes me curious -- what would happen if the root A server got totalled? What gets failed over onto? I know I should RTFM, and I will, but my Stevens books are at home.
Remember that what's inside of you doesn't matter because nobody can see it.
I was watching the late evening business news on CNBC yesterday, and they interviewed the CEO, is it, of HP - the very sexy-looking lady, Fiorino, Carly Fiorino? Man, I'd like to be her personal assistant :) Anyway, the interviewer was asking about HP earnings, and the debut of the "new" MS-based PocketPC, and Ms. Fiorino also started in on Sun. Seems HP's got their server sites set on ol' Scott&Co. Big announcement that eBay replaced it's Sun's w/ HP's. Ms. F. said to look for future announcements in the same vein.
Guess Sun better check it's six, huh?
"shop smart:shop s-mart" ash
You can't put 'just' 4 processors in an S80, it comes in multiples of 6 up to 24.
The biggest advantage to an S80 is the price/performance ratio. The big disadvantage is that it has to be shut down when a CPU or a memory card fails. E10K's can hot swap CPUs and memory, but E450's can't...
Just clarifying.
Well, of course ! The whole reason it performs better is because of Linux. Imagine millions of Linux developers coding and sweating, saying "IBM is cool". Their effort then will naturally turn into CPU power, making all IBM CPUs magically run faster. The box itself doesn't have to run Linux (of course, it would be *at least* 10 times faster if it did).
It certainly is because of Linux. Anyone suggesting any other alternatives are deranged.
--
Kinda like it's argueable that Cisco is the . in .com. Their routers and hardware run all over the place, but most end users don't even know it's there. Just like that lowly '.'.
Last time i checked, RFC 882 put the dot in .com
Just from a theretical point of view, how difficult do you think it would be to take those servers down from terrorist activity. I mean could the internet be taken down if 12 explosions at the right time/place where detonated?
Stripes starts his reply:
Assuming you can figure out where they all are form the IP addresses in the root.cache file, and traceroute, or other similar tools, and maybe a bit of social engenering, it shouldn't be any harder then any other 12 randomly selected machines.
Define "explosions"
Stripes, The poster to which you responded did not specify what type of explosions were available to them. If they're nuclear explosions, they'd probably need only 8-10 strategically placed explosions to wipe out all of the current neameservers (with or without social engineering). If they're lucky, they might take out the "shadow root servers" as well. Given the location of some of the root servers, they'd probably cripple alot more than just DNS. They'd effectively take out a good deal of infrastructure as well as the Internet engineers necessary to repair it, not to mention start a worldwide panic.
The Internet would still recover though, much as you described in your post. Anyone can setup a redundant server cluster within a matter of minutes given a set of pre-staged root and first level zone data.
The more interesting problems are due to corrupted data rather than doing denial of service attacks on nameservers. Some bad data in Network Solution's database can make various interesting parts of the Internet suck really bad. When one root server has data corruption, the whole net feels it. Imagine if some NSOL staffer garbled the nameserver data for "Yahoo.COM." or "IN-ADDR.ARPA." to point to 255.255.255.255 instead of the real servers?
For anyone else interested in DNS DoS...
An easier method
One of the easiest way to kill DNS is to try a coordinated DoS attack against all of the nameservers. Each of the world hundreds of thousands of resolvers is configured to use any of 13 root nameservers. Just like a 15-year-old kid did with HTTP requests, one could probably start a distributed DoS attack against DNS. The "heftiest" root nameserver is rumored somewhere in this discussion to be able to handle 6000-8000 hits a second. With 13 published nameservers, one needs only about 100000 hits per second to saturate the current capacity of all of the servers. Let's say that I was a bright hacker (which I'm not) that I could find my way into 1000 machines around the world that each had a T1 connection or better. Can we agree that this is a difficult but not unreasonably impossible thing to do? If one were not smart enough to do it themselves, one could perhaps go to a hacker convention or local user group and bribe a script kiddie seeking infamy and fortune to go forth an find 1000 machines to hack. Another way is to unleash a time-dated virus onto the net that will do your bidding at a specific time. Each machine would gather a list of 100 addresses, perhaps starting with the history file of a user's browser to get a list of second-level domains. It could also look for addresses using a popular portal directory or search engine and interpret results to get domain names. With 100 domain names, it would query 100 names per second (less than one megabit) from each of the few registered root nmeservers. While the traffic isn't overwhelming, it will overload the root servers fo rthe number of transactions per second, and nothing short of hunting and killing half of the query servers would reduce the effectiveness of the attack. To make the attack harder to stop, one could double or quadruple the number of query servers or use methods of masquerading your attack (I won't go into detail here) to keep network administrators from being able to shut down query servers. Another way to scale the attack is to use they heavier TCP protocol for most of the queries instead of the lightweight UDP.
fin.
The technology needed to exponentially increase the ability of the root servers to perform is not out of reach. With the proper motivation (a DoS like I described), one million dollars of capital (compare $1m to the current valuation of NSOL), and perhaps 30 man-weeks of time, one can make a farm of servers able to handle two orders of magnitude more requests than the current set of servers.
The IBM server announcement by Network Solutions disappoints me. It's sad.
Any of the following are good candidates that I know about for scalably solving root DNS infrastructure problems...
- UltraDNS - DNS service provider with an interesting spin on distributed scalability
- Nominum - the knowledge and knowhow to make fast scalable DNS servers and software
- Akamai/Sandpiper - a distributed operations infrastructure onto which one can install root clusters.
Hint: If one can make an application layer proxy host that takes inbound DNS requests and routes them based on a hash table of domain names to a set of back end nameservers (with only a fraction of domains loaded on each), one could have the start of a scalable solution. One can make a fast cheap BSD box to do this up to 5000 ops per second or better. I wonder if the skunk works at Novell can do ths faster. One can use some router technology (OSPF, trunking, or L4 switching) to spray UDP requests to a number of these appliction load balancer / DNS proxy servers.One can also implement interesting filters on such a proxy server to reduce the effect of stupider resolvers or lame DoS attacks.
--
Eric Ziegast
PS: Slashdot probably isn't the best forum for this, but if you know a better forum, feel free to point them toward this post.
Proving the unstoppable superiority of the Power PC Architecture.
Just wait, tomorrow, we'll hear about them replacing the RS/6000 with a warehouse full of water-cooled quad Xeons running Windows 2000.
We wont hear, of course, that MS fronted the money for the HW.
I wish I had a nickel for every time someone said "Information wants to be free".
These are my friends, See how they glisten. See this one shine, how he smiles in the light.
If NSI doesn't need that E10000 anymore I can give it a good home.
There's plenty of load balancing among the root servers. If you have an adequately recent distribution of BIND (4.x+ will do fine), you have a hint file (named 'root.hint', or 'named.ca', or whatever) listing all of the root servers (I guess) and the original names. My 'root.hint' file lists 13 of them (from a.root-servers.net to m.root-servers.net).
In Soviet Russia, Jesus asks: "What Would You Do?"
Correct me if I'm wrong but that server is the root so IBM is the dot after .com. Not the dot before .com.
DNS can be thought of like a file system structure. In unix "/" is root. In DNS "." is root. After the root comes the top level domains like ".com" and ".net". No one ever types in the root dot. To type in the root dot would be to type in a dot after the TLD. like this "www.ibm.com." (The trailing dot is not a period, its the root dot.)
Sun announces 'Microsoft Sucks'.
The hardware isn't what caught my eye in the story. It was the little fact at the bottom of the article.
...domain-name registrations--jumped from 1.5 million a day to 25 million a day in the first 12 weeks of the year...
All I can say is WOW. Are there enough coherent domain name possibilities left?
tasty and delicious
The root servers (I don't know about every server, but at least A, for sure) are not only responsible for the root "." domain, but also responsible for the generic international TLDs, ie, .COM, .NET, etc. At least, that's what dig tells me.
There's 10 types of people in this world, those who understand binary and those who don't.
just a note, in case anyone is wondering what I am talking about when www.ebay.com is shown to be running IIS by netcraft. They run IIS/NT for the pretty Frontpage stuff, but have a look at the guts of the site: search.ebay.com . That's running Zeus 3.3.
"The new wave is not value-added; it's garbage-subtracted" - Esther Dyson, Dec 1994
Those who have administered DNS servers using BIND know what I'm talking about. Zone files, baby. You don't specify (www.myserver.com), you specify (www.myserver.com.) --- see the dot at the end? That's the ultimate dot. It's so fucking 'reet it's even higher up in the tree than com, net, org, or any of the other top-level domains (TLDs).
Millions more names have been registered by competing companies and registrars outside the United States. Network Solutions will disclose exactly how many next week when it reports quarterly earnings.
cat
Cisco hardware is popular but there's better hardware out there. Stuff from Juniper Networks is arguably better. I've heard engineers talk about how using a Cisco on the end of a DS3 is tantamount to throwing away 10% of that bandwidth (=2.8 DS1s), because the cards/backplane just don't have the throughput to handle it.
One dot, slightly used.
Our company has a $1,000,000+/year support contract with sun. That ain't cheap, and neither is their hardware. For an E10K to cost $70,000, it would have to be an empty box, maybe a power supply, and maybe assembled... maybe not. :) That support contract is great, though. We can RMA any hardware for any reason. One time someone mis-seated some RAM or a CPU or something in a "grey cube" server. Sun sent us replacement hardware, no questions asked. We can also send them core dumps and expect a reply/resolution in a reasonable amount of time. (I think that having a company with a full-time staff of people who can analyze core files is a major reason why Linux is not more popular in big corporations.)
Known as the A.Root server, the big black IBM computer holds the authoritve files for matching domain names--such as www.marthastewart.com or www.yahoo.com--...
/. readers that are new to network hierarchy should get the facts.
Actually, this is not true. This server only translates the field directly before the TLD extension. That is, only yahoo.com and marthastewart.com are served. The www part is supplied by yahoo and martha's respective root servers.
I realize that the author of the article probably knows this, but did not include it in his article so my mother would understand, but I feel
Sludgie
and what's up with my tags being removed in the editing field when I preview? That's annoying.
Duh... paragraph, not bold... slap me for not previewing!
Hey there..
Isn't it arguable that SRI & ISI put the . in
RFC830 put the . in
Then, a little later, RFC 881 defined the
domain name heirarchy.
And RFC920, an ISI publication "Domain Requirements" actually lays out the top level domain structure, seperating 'education' 'commercial' and 'government', i.e, the first definition of
So I'd say that RFC830 put the . later used in the RFC920 COM.
Oh well..
I always refer to mine as my "Stinkpad"
Message on our company Intranet:
"You have a sticker in your private area"
beauty is only a light switch away
the "/" that you see between the top-level-domain of an address and its subdirectory is no longer being served by Slashdot
Slashdot has never been the slash between the domain and directory, slashdot is the second slash in http:// and as of March 18 of this year, it's the first slash in ftp://. A currently pending deal will make it both of the slashes in gopher://.
In related news, Scott McNealy has resigned from the post of Sun's CEO, citing "IBM does have a point in supporting Linux". A successor hasn't been appointed yet, but rumors from trusted sources indicate that a known Linux supporter, Eric S. Raymond, will be selected.
No officials from Microsoft were harmed in the making of this report.
Cheap! Slightly used Sun Ultra Enterprise 10000 for sale. Like-new condition. Every home network needs one of these.
If you look at the Fortune 100 corporate web sites, 52% of them are running Solaris with various web servers. Now this is certainly flamebait to most /.ers, the runner up was Windows NT (2000) with 29%. Interesting fact: Linux only runs one of the Fortune 100 web sites.
They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.
tadpole yogurt? haste paste?
somebody has a better imagination than me.
--
Trollin' fer syrup!
See my post below for why this statement is just plain stupid. Another person who has drunk the Linux koolaid.
They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.
AIX....
Linux is not supported and will not run on an RS/6000 S80. I believe Linux us only supported on low-end RS/6000s up to 4-way. The Linux kernel needs lots of work to support a 24-way SMP system.
Aide: Grant drinks too much to command an army. Lincoln: Find out what he drinks and give it to my other generals!
Not even that is served from the root servers. All the root servers serve is IP addresses of the nameservers for the domain of the host being looked up, its up to the domains nameservers to deal out any actual IP's, including for their own domain.
You look up marthastewart.com, your nameserver asks one of the root nameservers where the nameservers for marthastewart.com is, it then asks them for the IP to marthastewart.com.
Not even THAT is asked from the root server. If I'm not mistaken, your dns server asks for the address of "www.marthastewart.com" and gets the reply "you should be asking ns.marthastewart.com and before you'll ask me, the IP of ns.marthastewart.com is: x.y.z.w".
Roger.
The S80 upgrade to an S7A is something like 500K I don't even know what a purchase would cost.
Vermifax
Vermifax
Logout
so, we know that a.root is an RS/6000 S80, and
f.root is served by twin es40 compaq alphas.
just curious.. anyone know what the other 12 are running?
-dug
hell, I got me an account on an S80 myself! Whats wrong...you don't? Oh my...
:)
hehe
Blar.
Well for one, you're not getting "just" a CD. You're getting a 5 lb (?) box of 1 web interface install CD, the 2 Solaris CDs, a Staroffice CD, a couple demo CDs, and then there are around 2 books I think in it too. There may be more, but I'm not looking in the box at the moment. If you're having problems installing the software, you can also call a number and get some advice.
Also, if you have 5 Sun boxes or 1000 Sun boxes, you can use the same install CD on them. If you're running less than 8 processors you don't have to pay for a license and if you're running more than 8 processors, the boxes come with a license for the newest version of Solaris, so you really don't have to pay for it anyways. If you have a box with more than 8 processors, you usually have a support contract, and upgrades to Solaris come with it.
from an inside Sun source at NSI:
1) There are no E10000 that were replaced .. there are no E10K servers at NSI. the old a.root-servers.net ran on an E450 (4proc) 4GB of Ram, and of those four processors their single-threaded bind process consumes 1.
2) a.root-servers.net is the top authoritative server for the .com, .net and .org zones and i think they also load the .mil, .edu, .gov, and .arpa on a.root .. that's it. The internal press release claims that they hold zones for all the ccTLDs (country-code specific Top Level Domains). This is incorrect, but they do point to the correct authoritative servers for each of the country codes.
suprising to find that much of NSI isn't aware of what exactly they do ..
Actually, this is not true. This server only translates the field directly before the TLD extension. That is, only yahoo.com and marthastewart.com are served. The www part is supplied by yahoo and martha's respective root servers.
Not even that is served from the root servers. All the root servers serve is IP addresses of the nameservers for the domain of the host being looked up, its up to the domains nameservers to deal out any actual IP's, including for their own domain.
You look up marthastewart.com, your nameserver asks one of the root nameservers where the nameservers for marthastewart.com is, it then asks them for the IP to marthastewart.com.
-- iCEBaLM
Well, I disagree with you that the author probably knows s/he is being technically inacurate. It's far more likely s/he does not understand DNS at all and was just to lazy to learn it or consult and expert for this short of a piece. If you are knowledgable you could easily describe the function of the root servers without going into techical details of how they work.
And, I'd also like to add to your comments to clarify things for those how have been misinformed by this article. The info the root servers maintain are listings of nameservers which are to be consulted when you want to find info on hosts within domains like marthastewart.com, yahoo.com, and so on for all the top level (com, net, org, etc) domains that NSI is authoritative for. They don't maintian any more level of detail about a particular domain than that.
Yes it has a name. It's named "A.ROOT-SERVERS.NET." and it's IP is 198.41.0.4. Which you would know if you looked at your named configuration. :)
The rootservers are, as everyone who has ever edited a nameserver zone file knows, the dot in "com.", not in ".com" (which actually is ".com." and invalid without a proper 2nd leven domain).
Claus
The day Windows takes over the net will be a very, very sad & pathetic day. The internet was built on Unix. Heck, if Windows took it over, then eventually it will be http:\\slashdot.org\ instead of http://slashdot.org/. I already get messed up enough in dos, I don't think I could handle switching every time I want to surf the web!
whaddabout wais seaches? Did they forget those?
"It's tough to be bilingual when you get hit in the head."
Could this possibly have anything to do with the "hot property" domain mindset that means every acme.com also registers acme-widgets.com, acme-foo.com, and acme-bar.com, instead of using the DNS hierarchically as it was designed for by registering widgets.acme.com and so on within their own domain?
*One* Server holds the master file?
One server hold the master file, yes. That master file is mirrored among many other servers which are not only located in different parts of the country but also in different parts of the world.
No load balancing/[obligatory beowulf]/Round Robin? I would like to think there is some redundancy in there...
{sigh} Spoken like a true PC server user.
I've got four S70s which are almost identical to the S80 but max at 12 processors instead of the S80's 24.
When you think server, you see a tower or maybe even a rack-mount PC. The S80 is no such beast. It is literally the size of an industrial refridgerator. And that's just for the processors. Right next to it is another cabinet of a similar size which has the IO drawers, drives and else.
The only parts of the S80 that are not redundant are the processors and memory. Since both are non-moving, non-mechanical parts, they have an ultra long MTBF. If either fries, the machine takes itself down, 'deconfigures' the failed item and then brings itself back online. Try to get any PC server out there to do that.
(Our S70 lost one of 12 processors three weeks ago at threeish in the morning. It was down and up so quickly no one even noticed it. A few days later, I was reviewing some logs and noticed that I was short a processor.)
Yes, no system is failure-proof. However, the mindset that the S80 suffers from the same problems as a PC server is as silly as thinking a Piper Cub is in the same league as Air Force One (the president's plane).
Internally, the S80 is redundant and can support an amazing load, externally, the DNS system will out-live us all.
InitZero
You are correct. .com is not separable from .com.. it's all one zone. just as the trailing dot is a zone.
the . in
(April 20, 2000) Up to recently, Network Solutions Inc. (NSI) used a Sun E10000, one of the powerhouses of the computer world. But recently, they've moved to a brand new IBM RS/6000 S80. What brought on this startling change? The Dali Lama caught up with someone from NSI recently and here's what went on.
"Well, it all started with Comdex last year." says J.R. Bob Dobbs, VP of Sales at NSI. "Sally over in Marketing talked to this really cool guy at the IBM exihibit. Anyway, he said he could get this really great deal on this new equipment they had coming out. and she said to me 'Wow, think of the free publicity...' and we just knew we had to move. Besides, the old E10000 allows you to do maintance while part of it isn't working, and I'd rather it just stop working while someone is fixing it! I mean, when you blow a tire on your car, do you want it to actually keep driving instead of forcing you to pull over! Come on, that's dumb!"
But what of the costs of migrating to an entirely new Unix platform? and the support costs? Dobbs commented "Well, the migration wasn't very easy, but after calling IBM technical support every day for the past month, hiring IBM global services to come out and fix it repeatedly, and firing our entire Solaris loving admin staff, we're through the migration already! I don't care if the new Sun processors and new 128 processor machine is coming out in six months, I want to spam the domain owners now! Besides, IBM assured us that he would install this great tool called 'smit' on the machine. Hell, I'm the Systems Engineer now! I don't even know what it's doing, I just point and click and it does stuff! Think about the huge amounts of savings with Administrative staff! Besides, IBM assures me I won't need anything but smit! I'm even IBM certified!"
And what of the older processes still in place, like mail forms for registration names, and sending 'CRYPT-PW' via mail? Bob quickly snarled back with "Oh, you want security? wah, go cry in your milk, you linux pussy. I got the root server, fuck off."
Obviously, great things are instore for NSI in the future.
[note: Sorry if I'm a little biased, but how probable is this scenerio? Anyone else ever dealt NSI or IBM on a 'professional' level? And yes, it's all a joke. J.R. Bob Dobbs is entirely too cool to talk to the Dali Lama.]
--
Gonzo Granzeau
Gonzo Granzeau
"Nothing the god of biomechanics wouldn't let you into heaven for.." -Roy Batty
You see, outside of the WinNT server world, you have mainframes capable of huge amounts of processing by themselves... when you have 24 processors in one box, who needs load-balancing?
(and DNS has so many hot backups worldwide, redundancy is, well, taken care of
Returned Peace Corps IT Volunteer
To answer your question, other top-level domains leach off this main one. If this one goes down, the other ones step in for it I would assume. Problems occur only when its down for a day or more. Then all the new domains are screwwwed...no one can get to them because the main machine is not able to update.
SOME Sun salesmen I'm sure are... after all, their commission is riding on their sales. But, you'll find some pushy salesmen in every single business out there, including IBM, HP, and especially EMC. But there are also a LOT of non-pushy Sun salesmen who value the relationship with their customer and focus on making sure the customer is happy, and trying to solve the customer's business issues and needs.
He must mean the "Mister D" ads.
Who could have imagined the day when geek ads go ebonic?
ANd all of what, six, that they sold last year?
Then again, I still have a stash of the pre-cube
single little blue bulbs, a handful of flashcubes (not magicubes; they needed a battery),
and even some #5 bulbs (or are mine 25s? I forget)--the ones nearly the size of a golfball.
And I have the cameras to go with them. What I *don't* have is the 120 and 620 film (but you can still get at least the 120) that the cameras take . . . ooh, and one that takes 127 . . .
What could cause such a dramatic increase in hits on the main root server?
There are still tons left.
/. sucks.
slashslashdot.* is still available. Somebody could turn that into a good "News for Serial Killers. Stuff That Splatters" web site.
antislashdot.* is available too. The site for people who think
Or you could just take suckdot.org. I'm surprised nobody took this one after the suck.com parody.
But dot[dot[dot[...]]].* are all taken up to 5 dots. So's quux.net. You can't have that one.
If anyone uses one of these and IPOs and makes a fortune, can you buy me a sports car? Thanks!
/peter
David E. Weekly
David E. Weekly
Code / Think / Teach / Learn
h4x0r for
And let us not forget microsoft, who put the . in .borg . . .
.]
:()
[I hope this doesn't appear twice; it looked like the message that flashed as I was killing the box said somehtin like slashdot requrires 70 seconds between comments . .
--
--
We have fought the AC's, and they have won.
http:\\slashdot.org\
Try right-clicking an empty area of the Windows® 98 taskbar and choosing Toolbars > Address. Now click in the address box (you may need to make your taskbar bigger) and type \windows\system and notice how Windows changes backslashes to forward slashes. The only reason Windows uses \ instead of / is bug compatibility with MS-DOS 1.0, which used / instead of - to specify option switches on the command line. When subdirectories, device drivers, and other features imitating Unix® were hacked into DOS 2, the Unix-like / directory separator was already taken, so they had to use \. Anyway, DOS is perfectly happy if apps pass it / (command.com blocks it because of the option problem), and it's the default for the DOS Bourne Again Shell, part of the DJGPP port of GNU.
Will I retire or break 10K?
No load balancing/[obligatory beowulf]/Round Robin?
I would like to think there is some redundancy in there...
Furthermore, arpa wasn't the only game in town. Federal funding certainly let it grow into what is now the internet, but the seeds had also been planted elswehere. Had it not been for federal funding, fidonet (or possibly something else) could have grown into what we now know as the internet.
It was going to happen; the question is merely when and from what roots.
Hmm, and I'd bet spam would be significantly less of an issue had it grown from fidonet, but that's a completely different issue . . .
Our Root server (not NSI, one of the others) is a dual-processor Sun 450 with 4 Gigs of RAM.
Bind 9 does load balancing between two or more processors, bind 8... well... doesn't. Running top on the root server while it's running, and you see CPU3 with high utilization, and cpu 1 with like 1% (only from top and the shell)
I don't really see the point of going multiple processors until they use Bind 9.
FWIW, the 'A' server really isn't the master of the root domain anymore, since ICANN has control over what goes in, and what stays out of the root zone.
As for the single point of failure, if A blows up, destroyed by fire, destroyed by quake, etc., the others just simply will have to pick up the load of the missing 'A'.
If the mechanism of downloading the zones fails, we have a while (a few weeks) to make up our minds about what to do before bad things happen -- like internet not working anymore.
And I know at least one Root Server Operator (well, me...) who checks out slashdot daily. I bet more do.
-- If you met me, you probably wouldn't remember me. I'm pretty hard to remember.
or if it a corpoarte agreement... specially since netSOl was bought by versign.
Rampant Speculation Crushing...
They went with the IBM because they did a bake-off, and Sun LOST. Sun came in dead last. There is a reason the suck-ass operating system is called "Slowlaris" (don't get me started).
...AND...they did the bake-off before the buyout.
I don't know offhand if they tested linux.
-- If you met me, you probably wouldn't remember me. I'm pretty hard to remember.
Since the average reaction of most non-technical people to the whole dot-in-dot-com things was, "Wha..." and the average reaction of most technical people was "$#%^ing inane market gabble" they must be really irritated that it backfired on them. I didn't even know what that marketing slogan actually meant until I read this article. (Chastise me if you like, I just don't research stupid marketing slogans. I just said, "Right, the dot in .com, sure, whatever..." I realize it's probably some kind of sin in the Church of the Subgenius, but then I'm a minion of Cthuhlu anyway, so that isn't that important.)
I'm sure they will both be fine machines, but I think people here who are Linux zealots (and I'm guessing there are probably some around) should appreciate the fact that IBM seems to be very serious about Linux, and even if it's running AIX now, they may switch in the future.
Besides, I like the scary black IBM Netfinity we have in our office. It came sans operating system, too. Nearly drove the Windows guy in the office nuts (he tried to install NT on it), I finally got a Linux up on it. I wish they had shipped it with OS/2 though, I've always wanted to try that fabled OS...
Hmm, what is it running? Is it AIX? The article doesn't seem to say... You know, it _could_ be running Linux.
All the creatures will die, And all the things will be broken. That's the law of samurai. (Jubai, 1605)
Actually.. they are not the . in .com, the article misrepresents the truth.
.com is not separable from the domain.. as every domain begins with a dot and ends in ... whatever..
The . is actually the trailing dot, ie '.com.'. The top-level zone in DNS, that all other records are part of is simply '.'. It's assumed, and not normally written with a domain name (anyone working with bind sees this constantly)
The dot in
A well loaded E10K is several million. $80K is probably the cost of the empty chassis if you qualify for some kind of special deal from Sun.
Looks like the . in .com was /.'ed
kwsNI
Cisco is overpriced, hyped hardware. It's not bad, does its job, but could easily be replaced by a better or cheaper solution. Cyclades solutions would give you a lot better performance. Xyplex solutions are arguably more robust and expansible. A Linux box with 2 NICs and an X.21 card could replace a Cisco router for about a fourteenth of the cost. Even my female collie knows this, and she suggested it to me just the other day when I was talking to her about the new Cache engines that we were deploying at work. I noted that SQUID could do what the cache engines from Cisco were doing (which, btw, go for around $50,000 or something ridiculous), for around a ten times less the price. She agreed and added that you could also run a Linux box as a router with the aforementioned hardware (NICs, X.21 card, etc) and the right daemons. And yet Cisco are one of the top-selling solutions around, gotter ask yourself WHY.
no sig
It was shipping long before that as the Cray CS6400. This is technology bought from Cray Research, Inc. in 1997. They were being acquired by SGI and wanted to unload technology that competed directly with SGI's Origin2000.
1. a.root was a Sun E450 with quad 300mhz sun4u processors and 4gb of ram until ~1 month ago 2. the rootservers have never answered "millions" of queries per second. more like 6000 queries per second. 3. the IBM incarnation of a.root also has quad (323mhz?) processors, not 24 as the article states. all in all, a lot of blather with little technical or reality basis.
I wonder if there were any technical reasons for the switch of platfrom... ie Solaris to AIX... or if it a corpoarte agreement... specially since netSOl was bought by versign.
I made a typo :)
If you're not a Liberal in your 20's, then you have no heart.If you're still a Liberal in your 30's you have no brain.
And does it has a name ?
If so, which DNS server will give you the IP address of the machine ? And where will it get it ?
I agree. I think you'll find IBM replacing one set of boring ads with their own.
kwsNI
An AC posted this two days ago, and none of the moderators have upped it. Way to go.
NSI doesn't even have an E10K. The the new IBM machine replaced a Sun E450, which is a 4 (400MHz) CPU machine.
The Washington Post article was wrong.
This is a nice marketing coup for IBM, but it should come as no surprise that a new 32 processor box can handle a larger load than an older 4 processor machine.
Everyone calm down, ja ne?
the plan at NSI is to standardize on ONE PLATFORM --
Yes, that would be incredibly stupid.
The statement you made is just plain wrong. NetSOL doesn't have any control over the root servers. Each individual operation that administers each root server is responsible for the decision on what hardware, and with what OS that Root Server will run. NetSOL has no say in the matter. Period.
We know about the dangers of homogeneity. (I wish PHBs would understand that when they start crowing, "NT EVERYWHERE!" (don't get me started).
We know about the Irish Potato famine.
The root server community is NOT a bunch of idiots, you know.
If you wonder what makes a root server tick, go read RFC 2010
-- If you met me, you probably wouldn't remember me. I'm pretty hard to remember.
The article is NOT correct. Read the other article here. They are replacing a 4 CPU SUN E450,
...
with a 24 CPU IBM server.
Thats quite a typo. SUN E450 is a "workgroup" class server is 4 CPUs. E10000 is the high end SUN server with 64 CPU, etc
And of course whoever runs slashdot must be full of it if they think this is even a remotely interesting news to be posted here
I've always been annoyed at Sun saying this. It was I who suggested that dot be the character to divide the multilevel domains in an arpanet 2-level domain, and Jon Postel who later drafted it. We gotta stop Sun from saying this. And no, I'm not making this up. The record is at this page with archives from the tcp-ip digest of Jannuary, 1982.
Has it been over a year since you last donated to the Electronic Frontier Foundation
F.root-servers.net claims to be the busiest with 260 million queries/day running on twin ES40 COMPAQ alpha servers.
Sounds like a whole lotta 'dot' to me.
----------------------------------------------
I don't really mind double posts on
Removes your links when you preview. The link from the last post was this one
Has it been over a year since you last donated to the Electronic Frontier Foundation
This looks like AIX system configuration output.
How did you get this?
BTW, the proc[0-3] represents the processor card, each of which holds 6 processors and is hooked to the backplane (thus the 00-)
Check it out http://www.rs6000.ibm.com/hardware/enterprise/s80_ specs.html
Vermifax
Vermifax
Logout
But there are just more more credible quotes to make fun of rather than the same one OVER AND OVER AND OVER again. you know, ones where they said what they meant and it still came out wrong...
--
Gonzo Granzeau
Gonzo Granzeau
"Nothing the god of biomechanics wouldn't let you into heaven for.." -Roy Batty
Scary, huh?
- A.P.
--
"One World, one Web, one Program" - Microsoft promotional ad
"Remember when the U.S. had a drug problem, and then we declared a War On Drugs, and now you can't buy drugs anymore?"
The story cited has a major error. The root name server "A" was a 4-way Enterprise 250, not a 64-way Enterprise 10000. No way can a S80 replace a E10000, despite IBM's inflated claims.
I know that IBM make stable machines, but still,
it could happen. I'm just glad it doesn't run NT...
Je t'aime Stéphanie