Thanks, Patrick, inline
On Wed, Aug 06, 2014 at 08:10:19AM -0400, Patrick W. Gilmore wrote:
> >
> > a) What documents beside RFC3258 are describing any uses/procedures
> > for having DNS servers use an anycast address to receive and respond to
> > requests ?
>
> Dunno, but something tells me a quick BING search would return millions of
> answers.
I carefully read the first 999,999 hits (;-) and they all were about
what i would call commercial DNS/zone services that run their own anycast
cluster of DNS servers. I was wondering about variations on the scheme.
But a followup question coming to mind:
Is it fair to say that DNS would be the prime reason for anycast addresses
injected into the global BGP routing table ? Has anyone tried to stat that ?
Eg: counting how many global BGP prefixes are "anycast" due to their
properties, such as availability at widely dispersed network locations without
actual transit indication in the AS path attributes (or the like, i am not a
BGP expert, i am just guessing how they could be recognized).
> Common? Ridiculously so, for at least 20 years.
> Well known examples? CDNs, as you already mentioned. E.g. LLNW.
Thanks for the example. Any non-CDN examples for localized information ?
> > c) Any example in which the DNS servers utilizing a single shared
> > IP address (anycast address) are run by different operators ? Any
> > documents describing this ? (RFC3258 seems to focus on single operator
> > anycast group of DNS servers.
>
> How about the root servers?
The way i read RFC3258 it sounded as if every individual root server could
use its own anycast address across its own set of dispersed DNS servers. But
i could see no indication that specific anycast addresses were assigned to be
used by root servers run in different organizations. If that is actually what's
done today, that would be good information.
One of the reasons for asking is trying to understand if there is a combination
of b) and c) in deployment. Eg: If some organization has some authoritative DNS
data, it's easy to say: Here, i also have an IP prefix that i permit anybody to
use as the anycast for DNS serving secondaries of that. And be happy about
anybody who seconds that zone with that anycast address. That's just
performance/reliability/load-sharing.
Once you start leaving out the consistency of the served information AND
you allow the same anycast address to be used by different organizations,
it becomes a lot harder for any individual organization to assess whether
a client is getting the right localized information because it can come from
different organizations. Of course, i think this scheme can work if there
are specific agreements about the policies of localization across the
participating organizations, but i am not sure if this is being done, and if
so, what examples there are.
Thanks
Toerless
_______________________________________________
DNSOP mailing list
https://www.ietf.org/mailman/listinfo/dnsop