network
(subsection 2.4 in the document).
HTH,
--Gabriel
On Wed, Jun 02, 2010 at 09:08:30AM -0400, Jimmy Changa wrote:
I was wondering if anyone had recommendations on IPv4 Anycast
resources
(whitepapers, RFCs) as it relates to DNS?
Thanks in advance.
I was wondering if anyone had recommendations on IPv4 Anycast resources
(whitepapers, RFCs) as it relates to DNS?
Thanks in advance.
On 2010-06-02, at 09:08, Jimmy Changa wrote:
I was wondering if anyone had recommendations on IPv4 Anycast resources
(whitepapers, RFCs) as it relates to DNS?
Thanks in advance.
http://www.google.com/search?q=nanog+anycast+sarcastic
top hit:
http://seclists.org/nanog/2010/Mar/1027
On Wed, 2 Jun 2010, Jimmy Changa wrote:
I was wondering if anyone had recommendations on IPv4 Anycast resources
(whitepapers, RFCs) as it relates to DNS?
I found the following useful:
http://www.net.cmu.edu/pres/anycast
http://ftp.isc.org/isc/pubs/tn/isc-tn-2004-1.html
http
On Jun 2, 2010, at 6:08 AM, Jimmy Changa wrote:
I was wondering if anyone had recommendations on IPv4 Anycast resources
(whitepapers, RFCs) as it relates to DNS?
http://www.pch.net/resources/papers/anycast/
http://www.pch.net/resources/papers/dns-service-architecture/
http://www.pch.net
:
I was wondering if anyone had recommendations on IPv4 Anycast
resources
(whitepapers, RFCs) as it relates to DNS?
Thanks in advance.
On Mon, 29 Mar 2010, Kevin Oberman wrote:
Fix your security officers!
I have talked to multiple security officers (who are generally not
really knowledgeable on networks) who had 53/tcp blocked and none have
yet agreed to change it. The last one told me that blocking 53/tcp is
standard industry
I have talked to multiple security officers (who are generally not
really knowledgeable on networks) who had 53/tcp blocked and none
have yet agreed to change it.
patience. when things really start to break, and the finger of fate
points at them, clue may arise.
36 days until all root
On Tue, 30 Mar 2010 15:59:08 +0900, Randy Bush said:
I have talked to multiple security officers (who are generally not
really knowledgeable on networks) who had 53/tcp blocked and none have
yet agreed to change it.
patience. when things really start to break, and the finger of fate
I must observe that these are not really the links you'd want to give your
end users to check out. Their audience is very different. While the article
on RIPE Labs comes close, they don't really answer the does it work or does
it not? question with a green/red light, and they don't provide a
Robert Kisteleki (robert) writes:
I must observe that these are not really the links you'd want to
give your end users to check out. Their audience is very different.
While the article on RIPE Labs comes close, they don't really answer
the does it work or does it not? question with a green/red
Kevin Oberman ober...@es.net writes:
He said that if the protocols would not handle blocked 53/tcp, the
protocols would have to be changed. Opening the port was simply not
open to discussion.
Do they also believe that all DNS replies are less than 512 bytes? :-)
Tony.
--
f.anthony.n.finch
From: Joe Abley jab...@hopcount.ca
Date: Fri, 26 Mar 2010 10:06:02 -0700
On 2010-03-26, at 06:40, Max Larson Henry wrote:
has someone experience in anycast ipv4 networks (to support DNS)?
Never been done Dangerous TCP does not work etc etc etc.
- Yes but as for DNS, anycast is
Hello,
has someone experience in anycast ipv4 networks (to support DNS)?
Regards
Lutz
InterNetX - Lutz Muehlig wrote:
Hello,
has someone experience in anycast ipv4 networks (to support DNS)?
Never been done Dangerous TCP does not work etc etc etc.
I assume quite a number of people know how to do it, especially as
several root DNS servers abuse it.
Simple recipe:
- Box with:
has someone experience in anycast ipv4 networks (to support DNS)?
Never been done Dangerous TCP does not work etc etc etc.
- Yes but as for DNS, anycast is essentially used for user requests (UDP)
not to perform zone transfer(TCP).
-M
On Mar 26, 2010, at 9:24 AM, Jeroen Massar wrote:
InterNetX - Lutz Muehlig wrote:
Hello,
has someone experience in anycast ipv4 networks (to support DNS)?
Never been done Dangerous TCP does not work etc etc etc.
Can't really tell if you're being serious here due to caffeine underrun.
has someone experience in anycast ipv4 networks (to support DNS)?
Never been done Dangerous TCP does not work etc etc etc.
- Yes but as for DNS, anycast is essentially used for user requests (UDP)
not to perform zone transfer(TCP).
How-to with working configurations for Linux+Quagga:
In message 4828.1269611...@localhost, valdis.kletni...@vt.edu writes:
--==_Exmh_1269611568_4209P
Content-Type: text/plain; charset=us-ascii
On Fri, 26 Mar 2010 09:40:39 EDT, Max Larson Henry said:
- Yes but as for DNS, anycast is essentially used for user requests (UDP)
not to perform
On 2010-03-26, at 06:21, InterNetX - Lutz Muehlig wrote:
has someone experience in anycast ipv4 networks (to support DNS)?
This is a general reference that tries hard not to be DNS-specific:
http://www.ietf.org/rfc/rfc4786.txt
These are two papers written whilst at ISC describing many
On Mar 26, 2010, at 6:40 AM, Max Larson Henry wrote:
has someone experience in anycast ipv4 networks (to support DNS)?
Never been done Dangerous TCP does not work etc etc etc.
- Yes but as for DNS, anycast is essentially used for user requests
(UDP)
not to perform zone transfer(TCP).
On 2010-03-26, at 06:40, Max Larson Henry wrote:
has someone experience in anycast ipv4 networks (to support DNS)?
Never been done Dangerous TCP does not work etc etc etc.
- Yes but as for DNS, anycast is essentially used for user requests (UDP)
not to perform zone transfer(TCP).
As
On Mar 26, 2010, at 6:55 AM, Jeroen Massar wrote:
Max Larson Henry wrote:
has someone experience in anycast ipv4 networks (to support DNS)?
Never been done Dangerous TCP does not work etc etc etc.
- Yes but as for DNS, anycast is essentially used for user requests
(UDP) not to
On 2010-03-26, at 10:04, Owen DeLong wrote:
It doesn't require an unstable routing table. There is a small set of
locations that could hit routers with multipath that may balance
the anycast packets down divergent paths.
Essentially, these are the topological midpoints between any two
On Fri, 26 Mar 2010 14:24:21 +0100
Jeroen Massar jer...@unfix.org wrote:
InterNetX - Lutz Muehlig wrote:
Hello,
has someone experience in anycast ipv4 networks (to support DNS)?
Never been done Dangerous TCP does not work etc etc etc.
I assume quite a number of people know how to do
Shin SHIRAHATA wrote:
192.88.99.0/24, 2002::/16, and 2001::/32 are some
notable examples of heterogeneous origin AS.
And those prefixes (6to4 Teredo) all come with annoying problems as
one never knows which relay is really being used and it is hard to debug
how the packets really flow.
Hello NANOG,
I noticed that more than 3K prefixes are with 2 Origin ASes.
Are they the simplest cases of anycast? Or they are mainly due to
misconfiguration?
---
--Zhenkai
On 22/04/2009, at 6:53 PM, Zhenkai Zhu wrote:
Hello NANOG,
I noticed that more than 3K prefixes are with 2 Origin ASes.
Are they the simplest cases of anycast? Or they are mainly due to
misconfiguration?
The third (and probably more likely) option is that the prefixes are
advertised
On Tue, Apr 21, 2009 at 11:53:02PM -0700, Zhenkai Zhu wrote:
Hello NANOG,
I noticed that more than 3K prefixes are with 2 Origin ASes.
Are they the simplest cases of anycast? Or they are mainly due to
misconfiguration?
---
--Zhenkai
i honestly don't remember the
Ah, that's very possible. So I suppose the 90 prefixes with 3 origin
ASes are due to the same reason..
Then there is basically no inter-As anycast besides the anycast prefix
for DNS root, since I only noticed like 8 prefixes that are announced by
more than 3 ASes..
--Zhenkai
Nathan
On Apr 22, 2009, at 12:12 AM, Zhenkai Zhu wrote:
Ah, that's very possible. So I suppose the 90 prefixes with 3 origin
ASes are due to the same reason..
Then there is basically no inter-As anycast besides the anycast
prefix for DNS root, since I only noticed like 8 prefixes that are
On 22/04/2009, at 7:12 PM, Zhenkai Zhu wrote:
Ah, that's very possible. So I suppose the 90 prefixes with 3 origin
ASes are due to the same reason..
Then there is basically no inter-As anycast besides the anycast
prefix for DNS root, since I only noticed like 8 prefixes that are
Zhenkai Zhu wrote:
Then there is basically no inter-As anycast besides the anycast prefix
for DNS root, since I only noticed like 8 prefixes that are announced by
more than 3 ASes..
I presume you are using route-views or some such to get a larger picture
of the BGP geography? I believe
-Original Message-
From: Jack Bates [mailto:jba...@brightok.net]
Given that the networks are duplicates, there's no requirement that
one part of the AS needs to receive routes from the other part of the
AS. For management and such of the devices, I presume there are
separate
Then there is basically no inter-As anycast besides the anycast prefix for
DNS root, since I only noticed like 8 prefixes that are announced by more
than 3 ASes..
...but inter-domain anycast is often achieved by using a single origin
AS, which is then transited through the 'provider'
Rob Evans wrote:
Then there is basically no inter-As anycast besides the anycast prefix for
DNS root, since I only noticed like 8 prefixes that are announced by more
than 3 ASes..
...but inter-domain anycast is often achieved by using a single origin
AS, which is then transited through
Jack Bates wrote:
Zhenkai Zhu wrote:
Then there is basically no inter-As anycast besides the anycast
prefix for DNS root, since I only noticed like 8 prefixes that are
announced by more than 3 ASes..
I presume you are using route-views or some such to get a larger
picture of the BGP
Zhenkai Zhu wrote:
I just want to make sure if I understand correctly. You mean that the
anycasted address space can be announced in different places yet with
the same origin AS?
Yes, and it is commonly done.
Jack
Patrick W. Gilmore wrote:
On Apr 22, 2009, at 4:35 PM, Jack Bates wrote:
Zhenkai Zhu wrote:
I just want to make sure if I understand correctly. You mean that the
anycasted address space can be announced in different places yet with
the same origin AS?
Yes, and it is commonly done.
I was
Kevin Loch wrote:
Patrick W. Gilmore wrote:
On Apr 22, 2009, at 4:35 PM, Jack Bates wrote:
Zhenkai Zhu wrote:
I just want to make sure if I understand correctly. You mean that
the anycasted address space can be announced in different places yet
with the same origin AS?
Yes, and it is
Patrick W. Gilmore wrote:
I was under the impression anycast services with homogeneous origin AS
was far more common than the heterogeneous. Almost all the instances I
know of use homogeneous origin AS.
I'd be interested in statistics either way.
The original question provides a good
On Apr 22, 2009, at 5:23 PM, Kevin Loch wrote:
Patrick W. Gilmore wrote:
On Apr 22, 2009, at 4:35 PM, Jack Bates wrote:
Zhenkai Zhu wrote:
I just want to make sure if I understand correctly. You mean that
the anycasted address space can be announced in different places
yet with the same
On Wed, Apr 22, 2009 at 04:13:38PM -0500, Jack Bates wrote:
[snip]
The original question provides a good statistic, I think. Only 8
prefixes that were announced by more than 3 origin AS.
And the overall message is that only the (prefix holder|originating
ASn[s]) can tell you if it is intended
On Apr 22, 2009, at 5:48 PM, Jack Bates wrote:
Joe Provo wrote:
And the overall message is that only the (prefix holder|originating
ASn[s]) can tell you if it is intended or not. Sadly, this is not
a useful metric for a third-party to use to determine prefix
annoucnement legitimacy.
192.88.99.0/24, 2002::/16, and 2001::/32 are some
notable examples of heterogeneous origin AS.
And those prefixes (6to4 Teredo) all come with annoying problems as
one never knows which relay is really being used and it is hard to debug
how the packets really flow.
I agree entirely.
Shin SHIRAHATA wrote:
192.88.99.0/24, 2002::/16, and 2001::/32 are some
notable examples of heterogeneous origin AS.
And those prefixes (6to4 Teredo) all come with annoying problems as
one never knows which relay is really being used and it is hard to debug
how the packets really flow.
I
46 matches
Mail list logo