Hi �� thanks for all your kindly help.
> Err, sort of. The issues with roots is that a limit of 13 was reached. > Thus, to have a 14th server, you had to anycast. The load on a server > would be seems to be 1/14 of the total load. (Actually, as you note, it > won't be exactly 1/14 due to path load complexity, but its probably > smaller than 1/13.) You don't have the option of adding another listed > server. Seems like an improvement, though at some cost. To my knowledge, BIND choose root server by comparing response speed of those root servers. While, some other dns server choose randomly. On the other hand, as almost all root severs are anycasted load on each server may differ much. > However, if you have 4 servers, the load on any server will be 1/4 of the > total offered load. But you can add another listed server, and the load > will be 1/5 of the total offered load. No, this is not our situation. In fact, one of four server experience heavier load than others because of historical reasons ( many customers know its address). We need to balance load on those four servers while improving system availablity. > If you add an anycast server, the > load is still 1/5. No benefit. (And again, due to path load complexities, > it won't quite be 1/5 with anycast, but it will be smaller than 1/4). In > Joe Shen's case, Anycast is worse than adding another listed server. In the first plan, we hope to maintein the original four IP addresses announced because we do not know how customers use them. By doing anycast, we think requests will be served by a server group in which incoming concurrent requests is shared equally by its member; on the other hand, by establishing more server groups total load is divided. OSPF convergence time may be a problem, and packet forwarding mechanism inside router may be another problem. I checked cisco's router, it seems the router decide outgoing path by hashing based on source IP inside packets, Juniper do similarly. But there are other vendors products inside our network, if they behave differently there may be problem with TCP based application. Is there any possible problem with UDP based DNS resolve requests? > Anycast doesn't help with failover. If there are separate paths to an > anycast server (eg they are on different physical sites), then failure of > anycast server means it won't respond on that path, and the resolver will > have to try another listed server. > Indeed, if you want to have high availability, you need to add failover > facilities to your anycast servers. Thanks. I'm considering Solaris's IP multi-path function which will improve availability of link between DNS server and router. But, I'm not clear how to integrate it with anycast. -- -- -- Regards Joe Shen ****************************************** * The sunshine of lifetime is made up of * * little beams which is bright all the * * time. * ****************************************** . dnsop resources:_____________________________________________________ web user interface: http://darkwing.uoregon.edu/~llynch/dnsop.html mhonarc archive: http://darkwing.uoregon.edu/~llynch/dnsop/index.html
