[CS-FSLUG] What if DNS goes down?

Tim Young Tim.Young at LightSys.org
Fri Sep 18 15:58:20 CDT 2009

I know this email borders a little closer on the not-technological as I 
give my thoughts on your question... Sorry if it crosses the line.

There are a number of very intelligent people high up in government who 
know a LOT more about the Internet than I do. In short, if our current 
administration decides to shut down the Internet, I do not think they 
would do it in such an ineffective manner as disabling the DNS. I 
actually know people who know people (I have actually met one of them) 
who works in these realms, and the guy I met was scary-smart. A simple 
law that was passed which made the Internet illegal would be much more 
effective. The government could then shut down the Internet pipe-lines, 
leaving rogue wireless meshes to connect us...

Secondly, the Internet is such an important aspect of Interstate and 
cross-country commerce, Credit-cards, etc. that shutting down the 
Internet would be the death of much of the International financial 
system. Even China, which is extremely restrictive on their Internet, 
has allowed the Internet in some form or other. So I am not worried any 
country whacking their own Internet completely.

But, if the DNS went away, there would be some alternatives which would 
crop up fairly quickly. If we think for a few minutes, I am sure we 
could all come up with a number if names of people high up in the 
open-source realms who are very smart and who would be very mad if the 
Internet went down like that. I doubt that you or I would end up needing 
to work much to get our systems active. Someone else would put up a DNS 
peer-to-peer mesh that would propagate massive lists of IP addresses or 
something... You would probably only have a few days of down-time before 
a patch solution was out there. Your DNS caching nameservers would last 
only 3 days at the most before they need to refresh themselves. A 
service like opendns.com would keep a lot of other DNS entries in them 
and have a lot more DNS stuff cached; I would point my DNS to them. 
(Except, of course, the government would probably do something a lot 
more interesting than just blocking the root servers; it is extremely 
easy to intercept all DNS queries that go outside your network.)

In short, I feel that someone else can worry about this question if they 
want to. :) If something is going to happen to the Internet from a 
hacker, the DNS might be it. But it is a government, it will be 
something much more intrusive and much, much harder to combat.

- Tim Young

Ed Hurst wrote:
> Trying to avoid the political implications here, I'm hoping we can 
> stick to the topic: DNS service.
> My knowledge is limited. Let's pretend for a moment some ruler decides 
> for his country to "shut down the Net" the only way he knows -- kill 
> the root DNS servers, or something similar.
> For those running a namecaching server, that's not immediately a 
> problem for their favorite sites. However, I am under the impression 
> that server tries to renew/recheck now and then. Am I mistaken? Is 
> there a way to prevent losing all your favorites if DNS disappears?
> Feel free to ridicule my ignorance, but at least try to answer the 
> main question. :-D

More information about the Christiansource mailing list