On Wed, Oct 03, 2007 at 08:10:03PM -0400, Dean Anderson wrote: > But none of this is relevant to the claims that Hickson made.
no, but they're directly relevant to the claims that you made: >> direct server return aka one-arm load balancing does no translation or >> rewrite of any headers (l3 or l4). all it does is make a switching >> decision based on health check and other weighting criteria. > > Header rewriting? as in http header rewriting? That isn't anycast > either. you said a load balancers is "actually a stateful NAT". it's not. even us 'junior sysadmins' know that "no translation or rewrite of headers (l3 or l4)" is a reference to changes (or lack thereof) to the IP and/or TCP,UDP headers. even the 'junior sysadmins' that we all are know that if i meant http header rewriting i would have said "L7" not "L3 or L4". which of course has nothing to do with anycast. it has everything to do with your incorrect assertion you made that "a load balancer is actually a stateful NAT". > On Wed, Oct 03, 2007 at 12:33:09PM -0400, Dean Anderson wrote: > > > No, that isn't anycast. A loadbalancer is actually a stateful NAT with > > > > several different hosts behind the load balancing NAT. my post (and many others) pointed out, rightfully, that a load balancer is not a stateful NAT unless configured in such a mode that requires it. sometimes no translation occurs. it keeps some sort of state, but not always a NAT table. you're 50% right (or 50% wrong depending on your perspective). others have explained that some use NAT in some configuration modes, but many configurations do nothing resembling NAT. they've done so more than adequately. a duck is a bird, but a bird isn't always a duck, and so on. as far as "no load balancers use anycast". many do route health injection which when you add more than one load balancer injecting the same route then you have.... that thing you claim is a complete failure and can never work but somehow plenty of installations use it with success when configured properly within their environment. > And Hickson's dispute isn't relevant to anything about reflector > attacks. You apparently digress. i just must be a fraud and liar, not to mention a "junior sysadmin". if that makes you feel superior, feel free to think it. -- bill _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www1.ietf.org/mailman/listinfo/dnsop
