Hi Dean�� Maybe I did not explain my situation clearly in previous message.
In fact, what I'm facing is to set up a public DNS service system which consist Cache Server ONLY. We do have authoritative servers, but those server only serves a few domain name. Each of the four DNS cache servers we are using has unique IP address, which is known to our customers ( some of them designate dns server, some of them use DNS server distributed by BRAS). The reason which makes me thought anycast may do some help is : 1) it could be used to set up a distributed server system which may improve availability; 2) it could be used to balance load on servers in one site while we do not need pay for dedicated load balancer(which may be another point of failure); 3) It could do some help to improve security level because we could hide the whole system from DDoS attacker. 4) It could maintein an unique user interface, customers could keep the original resolver settings while enjoying better service;( they do not need to re-config their computer) 5) It may ease system administration because we could offline any server for maintenance at any time. I'm not sure whether analysis above is correct, and , as you pointed out, anycast do have some problem with TCP based service. Althought we only need to provide cacheing service, we have to open TCP/53 for incoming requests because we are not sure whether our customer's computer use UDP for domain resolution ONLY. And, ECMP in our network is a common situation ( nearly any of two node has two or more equal cost routing paths); so, I'm not sure whether this will do harm to service validity & availibilty. So, I push the question to dnsop. -- -- -- Regards Joe Shen ****************************************** * The sunshine of lifetime is made up of * * little beams which is bright all the * * time. * ****************************************** . dnsop resources:_____________________________________________________ web user interface: http://darkwing.uoregon.edu/~llynch/dnsop.html mhonarc archive: http://darkwing.uoregon.edu/~llynch/dnsop/index.html
