by sissjdb 1575 days ago
I too read the entire request, it’s unnecessarily rude of you to suggest otherwise.

Shutting down root nameservers inside Russia would not impact Russian citizens’ ability to resolve domain names.

Yes, it will, and Bill makes it clear how and why.
Anyone with basic understanding of DNS infrastructure knows that Bill is wrong.

You do not need to query the root nameservers often, a slight increase in latency makes no difference whatsoever for queries which occur once every 10 minutes or so and can be performed in the background.

> Anyone with basic understanding of DNS infrastructure

Well, since I have actually developed, built, and operated global-scale authoritative (and resolver) DNS infrastructure, as well as ISP infrastructure more generally from the first dialups to multinational backbones, and internet exchanges, and witnessed (and handled) the many and fascinating failure modes (whether accidental or malicious) of both the DNS and Internet routing, by this standard I am prepared to make the ambit claim of being qualified to comment.

From your remark I can tell that you have not actually bothered to read what Bill wrote, either. I suggest returning to https://twitter.com/woodyatpch/status/1498472865301098500 and reviewing the substance.

I agree with his remarks. You are not arguing against them, but against some fictional re-imagining of what they might've been.

> I agree with his remarks. You are not arguing against them, but against some fictional re-imagining of what they might've been.

Please drop the unnecessary insults. I read what he wrote before my first reply, and this is specifically what I am objecting to:

> 2) Shut down the root nameservers inside Russia. That would make connectivity spotty for many users inside Russia, but mostly regular folks, not government or military users.

It is a downright lie, shutting down root nameservers inside Russia wouldn’t make connectivity inside Russia “spotty”.

Slight increase in latency to foreign root nameservers would have no noticeable impact as you can always query them in the background.

PS. Why do you need to be such an asshole about this? It’s completely unnecessary. You aren’t the only person in the world with networking experience, you aren’t special.

> Please drop the unnecessary insults

Your "anyone with a basic understanding" line was a blunt and unsmiling allegation of incompetence. When dishing out abuse, don't complain when it comes around to bite you.

> You aren’t the only person in the world with networking experience, you aren’t special.

Neither are you, I suspect, but please do keep trying to erase my right to express a view, it's just so charmingly effective.

As for the actual assertion, about connectivity, pay close attention to the clause: "regular folks, not government or military users".

Bill's claim is not a lie. The argument being expressed against is focused on DNS in theory, not in practice. As the classic ISC t-shirt represents, critical infrastructure is a nine-layer stack, not seven, of which Bill is no doubt acutely aware. I have traveled in totalitarian countries and can confirm first-hand that they restrict civilian access to foreign DNS servers, both authoritative and resolver, and connectivity for "regular folks" is very much directly impacted.

Regular folks will not suffer from slightly increased root NS latency, their resolver will cache the replies. The TTLs are long, root nameservers don’t need to be queried frequently.

The world is full of countries without locally hosted root nameservers, they do just fine. That’s a vast body of evidence that directly contradicts this claim.

Removing root nameservers from Russia would be an utterly meaningless gesture without any real world impact.

> I have traveled in totalitarian countries and can confirm first-hand that they restrict civilian access to foreign DNS servers, both authoritative and resolver, and connectivity for "regular folks" is very much directly impacted.

Russia does not do this. That’d be a completely separate issue.