How do you create an SLA and status page for the whole internet? Meet IANA: Keepers of DNS

Running the web without the US at the helm – and in Java

When control of the internet's naming and numbering systems is handed over by the US government to domain system overseer ICANN, there will be one big change: it will be subject to a service level agreement drawn up by the internet community.

ICANN's IANA department runs the world's DNS, IP address allocation, and other tasks, under contract for Uncle Sam. That contract is coming to an end, so if ICANN – a California non-profit – wants to run the behind-the-scenes of the internet on its own, it's got to have an SLA. There are, after all, 3.2 billion of us relying on it.

The metrics from that new agreement – stats that show what is happening at the internet's highest levels – will be made available in a public dashboard for all to see, complete with graphs and traffic-light indicators.

It will be a window into the internet's most fundamental functions; a cardiogram of the global network's beating heart.

Although the change is a year away, work has already begun on making it a reality. A six-month process carried out by a number of representatives from domain-name registries has produced a report [PDF] that lists what it wants measured and what acceptable levels are.

But how do you measure what is an acceptable level of failure in a system that billions of people – and increasingly the world's economy – relies on? To tackle that question, first you have to understand how the very top of the internet works.

Although the internet is a famously distributed system, it does have one unusual feature: a centralized point of control at the very top. A "root zone file" determines the basic structure of the global internet that we use every day.

It is a very small file – smaller than the average webpage – but it contains the locations of all the servers for the different arms of the internet. If you want to go to a dotcom address, the root zone file tells you where the server that will give you a list of all the dotcoms can be found. Likewise for every other top-level domain, from the United Kingdom's .uk ending to the hundreds of new internet extensions that have been added in the past year, like .london and .science.


The process of making changes to that file is covered by a contract, called the IANA functions contract, that is owned by the United States government and has been awarded out to ICANN for $1 in four different contracts covering the past decade. Unsurprisingly, given the enormous impact that any changes made through that contract have on the global internet, any changes to it can be requested only by the party that is affected.

So if the company that operates the .uk registry, Nominet, wants to make a change to .uk, it contacts the dedicated staff at ICANN that run the IANA contract. The IANA staff then checks that the request comes from the right party – Nominet in this case – and that there is nothing unusual in the request.

There are then two further checks: one by the US government which checks that ICANN has followed the right process, and one by Verisign, the company that runs both the dotcom registry and the "A" root server – which holds the authoritative version of the root zone file. Verisign runs technical checks to make sure the change doesn't do anything problematic, and then approves and makes the change.

To devise a new service level agreement for this process, the internet community decided to go through it step by step and decide what were appropriate levels of performance at each stage.

How accurately does the data published in the root zone need to match that provided in the change request? That's easy: 100 per cent. Just one digit wrong in an IP address would relocate an entire arm of the internet.

What about how long it should take for someone authorized to access the system to get an email providing them with a reminder of their username or password? Five minutes, according to the internet community. With a 95 per cent monthly accuracy requirement. The same levels stand for making a password change to the system.

What about the updated dashboard that covers the changes being made? Changes will need to be reflected within 30 minutes. The data displayed has to be 100 per cent accurate.

In all, the community came up with 13 new metrics in addition to the existing four, and 13 service levels. The necessary performance levels for some of these still need to be decided on.

Some of the new service level requirements on the IANA functions

Similar topics

Broader topics

Other stories you might like

Biting the hand that feeds IT © 1998–2022