nanog mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Local root zone (Was NYTimes: Egypt Leaders Found ‘Off’ Switch for Internet)

From: Steve Gibbard <scg () gibbard org>
Date: Wed, 16 Feb 2011 15:38:07 -0800

On Feb 16, 2011, at 3:10 PM, Steven Bellovin wrote:



On Feb 16, 2011, at 4:25 13PM, Fred Baker wrote:


I don't think that the Egyptian shutdown of domain names had much effect; that's why the bgp prefixes were 
withdrawn. What was effective was the withdrawal of BGP prefixes.


Per the NYT article, the issue was the Egyptian "Intranet" -- people couldn't contact other sites within Egypt by 
host name, even though the routes were up, because they couldn't resolve .eg, .com, etc.


This is interesting, in that according to http://www.root-servers.org Cairo has two root servers (F and J).  The 
presence of a Verisign-operated J Root leads me to assume there are probably also local .com and .net servers.  One of 
the three name servers for .EG looks like it could plausibly be in Cairo (IP address space registered to an Egyptian 
postal address, 100 ms response time from London).  If DNS look-ups at that level didn't work, it seems likely that 
there was some disruption of internal connectivity as well.

Or, it may be that "the Internet" still mostly means foreign services.  Being able to look up the addresses of 
Facebook's name servers isn't the same as being able to access Facebook.  The Times article was a bit short of 
specifics on that, and I haven't seen other information on what it looked like internally.

There's something important to keep in mind in cases like this, though.  Having redundancy and local copies of things 
is very good for protecting against accidental disruptions or disruptions of services in other jurisdictions.  
Protecting things that local guys with guns want to have go away is a somewhat different story.  It seems likely that  
if "the Internet" had still been working after the things the government did to shut it down, the government would have 
done more.  If somebody had managed to put all the pieces together and provide wide access to content the government 
wanted gone, they would probably have been told to stop.  I'm a bit skeptical that having more local copies of things 
would have helped much.

-Steve
Previous By Date Next
Previous By Thread Next

Current thread: