[150982] in North American Network Operators' Group

home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Questions about anycasting setup

daemon@ATHENA.MIT.EDU (Bill Woodcock)
Fri Mar 9 04:46:38 2012

From: Bill Woodcock <woody@pch.net>
In-Reply-To: <20120309093423.GG17726@h.detebe.org>
Date: Fri, 9 Mar 2012 01:45:24 -0800
To: "Elmar K. Bins" <elmi@4ever.de>
Cc: NANOG Mailing List <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


On Mar 9, 2012, at 1:34 AM, Elmar K. Bins wrote:

> Re Bill,
>=20
> woody@pch.net (Bill Woodcock) wrote:
>=20
>>> Well, let's say, using Quagga/BIRD might not really be best practice =
for
>>> everybody... (e.g., *we* are using Cisco equipment for this)
>> How does your Cisco know whether an adjacent nameserver is heavily =
loaded, and adjust its BGP announcements accordingly?
>=20
> It doesn't have to.
>=20
> I don't know how you guys do it, but we take great care to
> keep min. 70% overhead capacity during standard operation.

RFC 2870 section 2.3 suggests 33%.  How us guys do it is 2%-3%, since =
"standard operation" is only the case when nobody's getting DDoSed.  And =
then we have a backup plan, which is to be able to redirect queries away =
from nodes that are overloaded.  And we have backup plans for the backup =
plans.  But then, we've been doing anycast DNS for twenty years now, so =
we've had some time to develop those plans.

I think what you're hearing from other people, though, is that having a =
backup plan is, indeed, best practice.

                                -Bill




-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJPWdE1AAoJEG+kcEsoi3+H2ZsP/2pkKogGXo2THXS4sMPusDdn
FdsnWZIk2KDfFdwko7o135Uiv6Lkr9SeuBsFtohbq05Odo6BU1U/KBXWcwiWB/2y
umk390F0mgKDx0A0S5TPCwgKFQW+u2ynKCsXGMHIvbn+iTWvBrBaV2XGeF1ukU1H
xWqJcXk42GQA7lnqH7vc8HN+SW8Ill9MZp6vqC9ZnWzQ6VyMzZsPWDWPIddgLIhr
vvS5lLCGUdUzqkw/dKXBaQrj9UpjipfQrHx4rOd2M1ULVXngsU1MWxvKpSh3HZZz
68m7Z8J/120NrJ3kthQg/YQJTBG01CYP5pkBYVfB/X7TaYYvFEOtyO57VNEZXNyr
Km1lkUd/iYrwx/+YCQf4TH7h3hfgvC21lwsp6RRhvGkQcBA8Fs8VPUbrschbcU8f
FilndHewhX4zhCNTBhGoeZOAyACOYYib8JwaUOft2JEC40O3NvPjqWXjhK52gpX0
pAhprGo4oDnDGyM6PmO8b5qDdGRA4hyxZq3NwUj+4PI4Lylq34PUE9T2QQVBfRtT
8pKEOyRHgvrmmiYF8Lsvxc2iAze9SZouNqZ7gy1QJ7aikK6LKMp8GQrtgO52AkKm
+wYpIaOKpbscjuBpKGNu331R0ula02TCy6eB75rnbcEd0oDQu14bKwyea6ORl/dh
yRV2lOxCX4oCYYW1yNHd
=3DUshc
-----END PGP SIGNATURE-----

home	help	back	first	fref	pref	prev	next	nref	lref	last	post