After meeting ICANN staff at NANOG 65 in Montreal, I started the process of getting an L-root node installed at MBIX.
First, I asked the Board to approve the cost of the hardware, which was about $2800 CAD (For the smallest server).
Next, I contacted ICANN, and started the application process. There were forms to sign, mostly saying that we would be a good host, keep the server powered on and connected to the network, and in a good facility.
After that, we exchanged technical details, mostly MBIX proving IP address information to the provisioning team.
Finally, the server arrived, we racked it, and powered it on. The ICANN DNS engineering team did final configuration remotely to activate the server.
At that point, we had AS20144 sending v4 and v6 prefixes over BGP, to the MBIX router (not to the peering fabric or route servers). L-root doesn’t peer directly at the exchange, they are hosted, so AS16395 needed to provide transit and peering on their behalf.
First, we started announcing the prefixes to the MBIX route servers. This worked well, and we started seeing queries coming in using ICANN’s graphing tool, about 10-20 qps. Stats can be viewed using ICANN’s tool: http://stats.dns.icann.org/
Then, we announced the prefix to our upstream transit provider Hurricane Electric – AS6939. This made no change, because HE.net provides transit to AS20144 in Ashburn, Virginia. So the AS Path to the MBIX node was longer, and never preferred.
Then, we announced it upstream to Shaw – AS6327. This caused a large jump in traffic, up to 100 qps. But the increase was only on IPv6. Looking more carefully, I had typo’d my update request to Shaw, and they had allowed the wrong prefix.
I had Shaw correct the mistake, and once they did we saw a flood of IPv4 queries to the YWG01 node, about 200 qps.
To test which L-root node you’re getting results from, you can use the ‘dig’ too:
# dig CH TXT hostname.bind @l.root-servers.net
You can use -4 or -6 to force the protocol version–you may get different results with each protocol. I’d be interested in knowing your results.
MBIX is happy to be localizing DNS traffic, and improving in a small, incremental way, the performance of the Canadian Internet.