[83167] in North American Network Operators' Group
Re: /8 end user assignment?
daemon@ATHENA.MIT.EDU (Paul Vixie)
Sat Aug 6 13:45:58 2005
To: nanog@merit.edu
From: Paul Vixie <vixie@vix.com>
Date: 06 Aug 2005 17:45:13 +0000
In-Reply-To: <5D569EC8-AAE6-4563-BE67-C25A53A030EC@muada.com>
Errors-To: owner-nanog@merit.edu

iljitsch@muada.com (Iljitsch van Beijnum) writes:

> On 5-aug-2005, at 15:55, Joe Abley wrote:
>
> > It is of course possible to construct networks through which TCP
> > behaves very poorly with anycasted services. This does not mean that
> > TCP is fundamentally incompatible with anycast.
>
> It does mean that if people want to anycast services that run over TCP
> (even just a small part of the time, such as DNS) they should make sure
> this works well.

it's working fine for 30+ instances of F-root.

> A good start is using different AS numbers for the anycast instances so
> (Cisco) routers won't load balance over the different paths.

we have not encountered a problem like this, even though all F-root anycast
instances use a consistent origin-AS. my belief, previously explained here,
is that anyone who turns on multipath-EGP (rather than multipath-IGP) is
going to have a boatload of other problems before they ever get around to
noticing whether TCP is working toward anycasted servers. (OSPF ECMP is,
i believe, on-by-default; multipath-BGP is, i am sure, off-by-default.)

> But all of this is irrelevant to the discussion at hand, unless I missed
> something big and DNS over TCP has now been deprecated. If that's the
> case, the appropriate action is to disable TCP queries in the software,
> not to avoid TCP queries by keeping response sizes small.

agreed. (that TCP isn't a problem.)

> But my original point was that you won't go over the non-EDNS0 limit
> for normal queries with less than a dozen AAAA records anyway.

disagreed. (because DNSSEC is coming.)

--
Paul Vixie