On Mon, 22 Sep 2003, David G. Andersen wrote: > > Yes, I hope that UltraDNS implements something like this, if they have not > > already. It's still not a guarantee that things will get withdrawn -- or be > > reachable, even if working but not withdrawn -- in case of a problem. That > > still leaves the DNS for a gTLD at risk for a single point of failure. > > The whole problem with only listing two anycast servers is that > you leave yourself vulnerable to other kinds of faults. Your > upstream ISP fat-fingers "ip route 64.94.110.11 null0" and > accidentally blitzes the netblock from which the anycast servers > are announced. A router somewhere between customers and the > anycast servers stops forwarding traffic, or starts corrupting > transit data, without interrupting its route processing. > packet filters get misconfigured..
That's a good reason to make sure that you are anycasting from at least two disparate netblocks, isn't it?. :-) /\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\ Patrick Greenwell Asking the wrong questions is the leading cause of wrong answers \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/