Next phase in deploying anycast instances of k.root-servers.net

Dear colleague,

After discussions at the last RIPE Meeting, we would like to clarify our 
current thinking about adding further anycast instances to 
k.root-servers.net. This message sets out the direction and further 
details the requirements for hosting such an instance and calls for 
expressions of interest from the Internet community to support this 
activity.

I look forward to your support.

Best regards,

Andrei Robachevsky
CTO, RIPE NCC


General requirements and guidelines for expressions of interest
for hosting a mirror instance of k.root-servers.net
==============================================================

Introduction
------------

The RIPE NCC operates k.root-servers.net, one of the servers used as a
name server for the DNS root zone. In order to further improve the
distribution of the service in various Internet regions and its
resilience against DDoS attacks the RIPE NCC is deploying mirror
instances of the server worldwide as described in the ripe document
"Distributing K-Root Service by Anycast Routing of 193.0.14.129" (RIPE 268).

The first phase of this project included moving the cold standby
instance of the server to service using anycast routing. This phase was
completed in July 2003 and k.root-servers.net is currently deployed in
two locations (LINX, London and AMS-IX, Amsterdam).

The next phase will be mostly focused on the deployment of nodes with
limited reachability in the RIPE NCC service region. The main motivation
for this phase is:

- Improving access to k.root-servers.net for a significant ISP
    community.
- Isolating impact of an "external" DDoS attack.
- Localising impact of a "local" DDoS attack.

This document sets the direction and further details the requirements
for hosting an instance of the k.root-servers.net server so that
interested organisations may understand the general intentions and
requirements of this phase of the project. Organisations wishing to
express their interest in supporting this important activity may do so
by following the guidelines below.

Physical Sites
--------------

Suitable sites for the location of mirror instances of the
k.root-servers.net server will in most cases include an Internet
exchange (IX) that offers a very high standard of infrastructure and
Internet connectivity. The members of the IX should represent a
significant ISP community in the region.

In terms of physical infrastructure and services, a hosting site must
satisfy the general requirements for root server locations, which are
described in section 3.1 of RFC2870.

Server Hardware
---------------

All hardware for the instance of k.root-servers.net will be supplied at
the host's expense. In most cases a typical configuration will be
assembled by the RIPE NCC and shipped to the hosting site.

The hardware will remain the property of the host, but will be operated
solely by the RIPE NCC.

The host will be asked to provide onsite physical support. However there
is no requirement for the host to perform maintenance on the systems
themselves, and administrative access will not be available.

Connectivity and reachability
-----------------------------

Though global reachability is not required for the instance of the
k.root-servers.net server, it is critical that access to the server is
provided in an open and non-discriminative manner to all members of the
IX. However, it is important that global transit is co-ordinated with
the RIPE NCC.

Requirements for reachability are different for the management network
of k.root-servers.net that is used by the RIPE NCC to perform system
administration. It is required that connectivity of the management
network is global and reliable.

Expressions of Interest
-----------------------

The RIPE NCC invites expressions of interest from organisations such as
Internet Exchanges or other organisations that represent a significant
ISP community in the region.

Expressions of Interest should include details of the support which is
being offered, such as hosting and connectivity.

Please provide as much detail as possible, including physical
infrastructure details, upstream and peer network connectivity details,
and bandwidth availability. Please refer specifically to the provisions
of RFC2870 in your response.

Please send expressions of interest to: k-anycast at ripe.net

If any further information is required, please also use this address.