On Tue, May 29, 2012 at 1:07 AM, Patrick W. Gilmore <patr...@ianai.net>wrote:
> On May 28, 2012, at 15:24 , Anurag Bhatia wrote: > > On Tue, May 29, 2012 at 12:50 AM, Tony Finch <d...@dotat.at> wrote: > >> Anurag Bhatia <m...@anuragbhatia.com> wrote: > >>> > >>> One small concern I wanted to discuss here. I know few > >>> registry/registrars which do not accept both (or all) name servers of > >>> domain name on same subnet. They demand at least 1 DNS server should be > >>> on different subnet for failover reasons (old thoughts). > >>> > >>> How one can deal with such case in case of anycasting setup which using > >>> one single subnet everywhere? > >> > >> You still want name servers on more than one subnet in case the anycast > >> setup breaks. > >> > > I am building redundancy within that setup. I mean it will be software > > based BGP so if hardware if fried up, it will break BGP session and pull > > off routes anyway and for cases like DNS server (software) failure, I > will > > monitor it via simple bash script which can turn bgp daemon down. So once > > it is off, routing tables should take it to different node. > > Famous last words: "I am building redundancy...." As if "redundancy" > stops someone else announcing your prefix and sucking in half the packets > on the 'Net meant for you. (Just one of many failure modes against which > you cannot possibly defend.) > > Well, you could make me realize those painful points more humble way. Anyways, really appreciate points you made and yes, I must find some way out to them. May be I was wrong in posting question here before doing my homework. I am sorry everyone. Thanks. That said, IMHO, if you want to shoot yourself in the foot, you should be > allowed to do so. Your foot, your decision. I'm sure there are registrars > out there that do not babysit you. Find one that doesn't tell you how to > run your own infrastructure. > > And enjoy the extra spice that gives your life. :) > > -- > TTFN, > patrick > > > -- Anurag Bhatia anuragbhatia.com or simply - http://[2001:470:26:78f::5] if you are on IPv6 connected network! Linkedin <http://in.linkedin.com/in/anuragbhatia21> | Twitter<https://twitter.com/anurag_bhatia>| Google+ <https://plus.google.com/118280168625121532854>