more on "Reporting to God - Dave Maher on the IAHC and Jon Postel" (fwd)

[David Farber <dave () farber net>]

Begin forwarded message:

From: Paul Vixie <paul () vix com>
Date: March 28, 2006 1:05:16 PM EST
To: Carl Malamud <carl () media org>
Cc: dave () farber net
Subject: Re: [IP] "Reporting to God - Dave Maher on the IAHC and Jon  
Postel" (fwd)

# This is a very scary story.  Wanted to confirm one "fact":
#
# "It did not reassure me to learn that until 1995, one of the  
thirteen root
# servers was kept by an engineer named Paul Vixie in his garage at  
home in
# Palo Alto. He later moved it to Stanford to a more secure location."
#
# Is there any truth in the above?

no.  it's something network solutions used to say for self- 
aggrandizement;
they also falsely claimed that the UMD server was under a professor's  
desk,
in an interview they gave WSJ some time during those years.  i'm cc'ing
dave in case he thinks the following story is worthy of interesting- 
people.

i didn't even have a root name server when i lived in palo alto.

f-root (called NS.ISC.ORG or some such at the time) was built in a  
garage in
redwood city.  while that garage had pretty good connectivity (56K  
DDS) for
the mid-nineties, it wasn't enough for a root name server (even back  
then
when traffic was lighter).  also i had no generator.  the hardware  
was bought
by UUNET Communications Services as part of their BIND grant to ISC.   
the host
was a 486dx2 (66MHz) with 64MB of RAM and two 1GB SCSI disks -- *fat*  
for the
times.  and expensive.  (this host is still online, having been  
demoted to
kerberos service... does the computer museum want it, one wonders?)

once built and configured, this host was carried to DECWRL, my former  
employer,
which was also the future home of the Digital Internet Exchange (aka  
PAIX),
and plugged into an equipment rack there.  at that time i had only a / 
24 of
address space and it was very full; f-root's IP address (192.5.5.241)  
was
dictated by the very tight subnet packing i had to use in a pre-NAT  
era to
support hosts in three buildings with a single "class C" network.  my  
rack at
DECWRL was an in-kind payment for my post-employment consulting work  
there,
in which i helped brian reid and stephen stuart create what would  
become PAIX.
therefore it seemed perfectly normal to all of us that ISC would  
become the
second PAIX participant after UUNET.  (this can be seen in the lowest  
numbered
IP address allocations in the PAIX /24 network.)

when PAIX moved from DECWRL's computer room to its own facility a  
block away,
ISC was the first participant to move in.  f-root was a "peering  
magnet" that
helped sell the PAIX idea, which helps explain why DEC (owner of PAIX  
at that
time) gave ISC some hefty "alpha" equipment to upgrade the hosts.   
these boxes
were the fattest in the land at that time -- four 600MHz 64-bit  
processors on
a nonblocking crossbar CPU/memory interconnect.  DEC could not afford  
to max
out the RAM, so my friend mark kosters of network solutions kindly  
donated
enough RAM to max out the backplane.  (largely justified by the fact  
that COM
was served on the same hosts as the root zone at that time, and COM  
was large
and growing.)  DEC sold hundreds of similar alphas as name servers  
around the
world on the strength of the story, "it's good enough for f-root,  
it's good
enough for any other nameserver."  and so it was.

f-root is now in 40 or so internet exchange points around the world.   
we had
to renumber every other host in 192.5.5.0/24 to "clean out" the  
address block
and make "anycast" possible.  the tradition of ISC never paying for f- 
root
hardware continues -- the IX operators who host our mirrors generally  
provide
the hardware, and cisco and juniper have donated routers in many  
locations.
our two busiest locations are san francisco (digital realty trust)  
and palo
alto (paix switch and data), and the current hosts in those locations  
are AMD
Opteron boxes donated to us by John Gage of Sun Microsystems.  we  
continue to
be a "peering magnet" in every internet exchange we enter, and other  
root name
server operators are now pursuing similar expansion models.

i guess that's more information than you asked for.  f-root never  
served a
single packet from any garage.  if maher is repeating netsol's self- 
aggrandizing
urban FUD legends without investigating them, then i suggest viewing  
the rest
of his so-called history with moderate suspicion.


-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/