
If all DNS went down what would you do? - grendelt
If all of DNS was taken down or the root servers were taken offline in some coordinated attack, how would you manage to get back online? If a new sort of system was to be created in the absence of DNS, how would it be developed and pushed out? How would word spread?
======
niftich
DNS is hierarchical and extensively cached along a resolver chain, which
limits _some_ failure scenarios and allows limited recovery. Each DNS resolver
may happen to have some cached entries still good and unexpired. Therefore you
could probably recover some known-good IP addresses. This presupposes that a
previous cache poisoning attack did not occur or ruin your cache.

Alternative recursive DNS resolvers like Google's 8.8.8.8 (which gets the
award for being the most-memorable) and OpenDNS, DNS Advantage, etc. are an
option, but they are decidedly downstream of rootservers so they may have been
affected.

There exists a non-ICANN-run collection of DNS nameservers [1] (based out of
Europe) which are normally synchronized with the ICANN root, but can be
operated independently.

If, for some reason, the rootservers become unavailable for an extended amount
of time, others may move to establish rootservers, but every downstream DNS
resolver will still be configured to depend on the rootservers [1].
Reconfiguring these relationships is a fundamentally human process (as opposed
to a machine process), so it will occur out-of-band; then once trust is
established the downstream servers will point to the rootservers' static IPs
as it is currently done [2].

[1]
[https://en.wikipedia.org/wiki/Open_Root_Server_Network](https://en.wikipedia.org/wiki/Open_Root_Server_Network)

[2]
[http://www.internic.net/domain/named.root](http://www.internic.net/domain/named.root)

~~~
_RPM
Comcast's is pretty easy to remember as well:

    
    
        75.75.75.75
        75.75.76.76

------
qaq
8.8.8.8 :) On more serious note
[https://en.wikipedia.org/wiki/Distributed_denial-of-
service_...](https://en.wikipedia.org/wiki/Distributed_denial-of-
service_attacks_on_root_nameservers)

------
qwertyuiop924
We could establish a temporary database on 8.8.8.8 until a more permanant
solution came into being. There's not much I could do personally.

------
facorreia
I'd take a couple days off to play videogames until the system was restored.

~~~
veddox
And in the meantime, the world economy comes crashing down all around you...

------
taf2
/etc/hosts ftw

