Re: .mil domain

["Mark T. Ganzer" <ganzer () san rr com>]

One already is. The H server resides at the Army Research Lab, which is 
connected to DREN (AS668).

FWIW there is not a single homogeneous .mil network.  There are several 
DoD networks that provide service to customer organizations, and some of 
the major public DoD sites are also directly connected to commercial 
ISP's. Also different services and sites may have different policies as 
to who they allow access from. So without knowing the destination 
address, it's hard to be able to tell someone who thinks they are being 
blocked who to contact. If you can't reach a site directly, try their 
upstream providers and see if they can help provide a POC.  Try looking 
at the aspath for the destination, and if any of the following show up, 
try these POC's:

AS668  (DREN)    866-NOC-DREN or noc () dren net
AS7170  (ATT-DISC)    888-DISC-USA or noc () att-disc net
AS568  (DISN)    DISA GNOSC at 703-607-4001  or the Columbus RNOSC at 
800-554-3476

For security related issues, try contacting the DoD CERT (www.cert.mil, 
800-357-4231). All of the services have their own CERT as well, however 
they all coordinate with this organization.

-Mark Ganzer
Space & Naval Warfare Systems Center, San Diego
ganzer () spawar navy mil 
note: this is posted from my personal email account, not my work account).


Mark Borchers wrote:

> Suggestion:  migrate the current MIL root servers to the DREN
> network.  Thus they would be easily accessible from DoD's
> networks, while residining in front of any MIL filters or
> blackhole routers relative to the rest of the Internet.
>
>
>  
>
> > On Fri, 30 May 2003, Mike Tancsa wrote:
> >
> >    
> >
> > > At 01:15 PM 30/05/2003 -0500, Stephen Sprunk wrote:
> > >
> > >      
> > >
> > > > For the same reason anyone else accepts their routes --
> > > >        
> > because they want to
> >    
> >
> > > > be able to reach them.  If they don't want to reach _you_, that's their
> > > > choice.
> > > >        
> > > As Sean Donelan pointed out, the fact that 2 of the root name
> > >      
> > servers are
> >    
> >
> > > inside their network, there is more to the issue than you
> > >      
> > suggest.... I for
> >    
> >
> > > example want people in Australia to be able to reliably lookup
> > >      
> > DNS info on
> >    
> >
> > > my domains.  The .mil people have decided to hamper this process.
> > >      
> > I agree.  The root servers should have no filtering in place to block any
> > demographics (unless of course a given node is DoSing them).
> >
> > The last time I tried to contact a .mil to report an open relay that was
> > being abused, I was accused of being a spammer that had "hacked" their
> > server.  Since that time I reject .mil mail.
> >
> > Justin
> >
> >