[52993] in North American Network Operators' Group
anycast dns servers
daemon@ATHENA.MIT.EDU (Randy Bush)
Fri Oct 25 10:01:45 2002
From: Randy Bush <randy@psg.com>
To: Paul Vixie <paul@vix.com>
Cc: nanog@nanog.org
Date: Fri, 25 Oct 2002 07:00:35 -0700
Errors-To: owner-nanog-outgoing@merit.edu
i am a bit confused here.  seems to be that the major differences
between smb's scheme, for which you personally attacked me, and
yours are

  o yours has centralized control, you, instead of isp control.
    this is known not to have good layer nine properties, see
    marinara del roi.

  o we get to pay you for that privilege, though at 'cost', mighty
    kind of you, but we're silly enough to also think we know how
    to run services.  though it might be fun to talk about how to
    automate testing for the relevant parts of rfc 2870.

i.e. they are not technically much different.  as smb said, the
hard problems are at layer nine.

but, first focusing on the technology, let's talk about the hard
part of the problem first, the gtld servers, hard because of the
size of the data and the frequency of change.

so a large isp lets the registries (verisign et alia) put a honkin'
hidden primary server near _big_ backbone links.  other large
(i.e. can handle moving that kind of data) isps set up ipsec or
tsig secondary cluster off of it.  of course, the isps' secondary
clusters use a well-known anycast address for serving queries.  the
isps which have secondaries might not accept announcements of the
anycast prefix from each other, or they might, point to discuss.

i could elaborate further, but it might be more fun to let others
have a say too.  especially how this can safely support all the
non-oc48++ isps.

randy
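
The hidden-primary / tsig-secondary arrangement sketched in the message above, as an added example in BIND 9 named.conf syntax (not part of the original post, and not any operator's actual configuration). The zone name, key name, file names and all addresses are placeholders chosen for illustration; the addresses come from the documentation ranges.

```conf
// ---- hidden primary (registry side), assumed address 192.0.2.1 ----
// Not listed in the zone's NS set and not reachable by the public;
// it only feeds the ISP secondary clusters.
key "xfer-isp-a." {
    algorithm hmac-sha256;
    secret "REPLACE_WITH_BASE64_SECRET";      // placeholder, one key per ISP
};

zone "example." {                             // placeholder zone name
    type master;
    file "example.zone";
    notify explicit;                          // notify only the list below
    also-notify { 198.51.100.10; };           // ISP A's unicast transfer address
    allow-transfer { key "xfer-isp-a."; };    // transfers must be TSIG-signed
};

// ---- ISP A secondary cluster member ----
// 198.51.100.10 = unicast address used for zone transfers (assumed)
// 203.0.113.53  = the well-known anycast service address (assumed);
//                 it is announced by the ISP's routing, not by named.
key "xfer-isp-a." {
    algorithm hmac-sha256;
    secret "REPLACE_WITH_BASE64_SECRET";      // same placeholder secret
};

options {
    listen-on { 198.51.100.10; 203.0.113.53; };
    recursion no;                             // authoritative service only
};

zone "example." {
    type slave;
    file "secondary/example.zone";
    masters { 192.0.2.1 key "xfer-isp-a."; }; // sign requests to the primary
    allow-transfer { none; };                 // do not re-export the zone
};
```

Whether one ISP accepts another ISP's announcement of the anycast prefix is a routing-policy decision and does not appear in either file.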