Home / News

Unexplained Glitch Disrupts Root-Server, Raises Security Concerns

For over four days, a crucial server within the Internet’s domain name system (DNS) experienced an unexplained glitch, causing it to fall out of sync with its 12 peer root servers. The server, operated by Cogent Communications, is one of the 13 essential root servers that manage the Internet’s root zone.

C-root server lag: Typically, these root servers, which are clusters of geographically dispersed servers, synchronize rapidly to maintain Internet stability. However, the C-root server, managed by Cogent, stopped updating on Saturday, leading to a three-day lag compared to the other servers. This issue, flagged by French engineer Stéphane Bortzmeyer, forced engineers to delay scheduled updates for the .gov and .int domain name servers, which were set to implement new DNSSEC cryptographic keys.

DNSSEC delay: Christian Elmerot, a Cloudflare engineer overseeing the .gov DNSSEC transition, confirmed the situation was being monitored and the DNSSEC update would be postponed until the C-root server stabilized. The potential risks included increased susceptibility to DNS cache poisoning and other security threats if the cryptographic keys were not uniform across all root servers.

Network connectivity disruption: The glitch coincided with another issue that prevented access to the C-root website, also managed by Cogent. This problem was traced to Cogent transferring the website’s IP address to Orange Ivory Coast, causing further confusion. The root server issues emerged amid Cogent’s recent termination of peering agreements with several carriers, including a partial “depeering” with Tata Communications, which impacted connectivity for many sites in the Asia Pacific region.

Cogent responded late Wednesday, acknowledging the glitch and attributing it to an unrelated routing policy change. They stated the issue was resolved within 25 hours of identification, ensuring no DNS queries went unanswered, though root zone freshness was temporarily compromised. The exact relationship between the various issues remains unclear.

By CircleID Reporter

CircleID’s internal staff reporting on news tips and developing stories. Do you have information the professional Internet community should be aware of? Contact us.

Visit Page

Filed Under

    Comments

    Comment Title:

      Notify me of follow-up comments

    We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

    CircleID Newsletter The Weekly Wrap

    More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

    I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

    VINTON CERF
    Co-designer of the TCP/IP Protocols & the Architecture of the Internet

    Related

    Topics

    Threat Intelligence

    Sponsored byWhoisXML API

    Cybersecurity

    Sponsored byVerisign

    New TLDs

    Sponsored byRadix

    Domain Names

    Sponsored byVerisign

    Brand Protection

    Sponsored byCSC

    IPv4 Markets

    Sponsored byIPv4.Global

    DNS

    Sponsored byDNIB.com