anycast (Re: .ORG problems this evening)

• Previous message (by thread): anycast (Re: .ORG problems this evening)
• Next message (by thread): anycast (Re: .ORG problems this evening)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 22 Sep 2003, David G. Andersen wrote:

> > Yes, I hope that UltraDNS implements something like this, if they have not
> > already.  It's still not a guarantee that things will get withdrawn -- or be
> > reachable, even if working but not withdrawn -- in case of a problem.  That
> > still leaves the DNS for a gTLD at risk for a single point of failure.
>
> The whole problem with only listing two anycast servers is that
> you leave yourself vulnerable to other kinds of faults.  Your
> upstream ISP fat-fingers "ip route 64.94.110.11 null0" and
> accidentally blitzes the netblock from which the anycast servers
> are announced.  A router somewhere between customers and the
> anycast servers stops forwarding traffic, or starts corrupting
> transit data, without interrupting its route processing.
> packet filters get misconfigured..

That's a good reason to make sure that you are anycasting from at least
two disparate netblocks, isn't it?. :-)


/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\
                               Patrick Greenwell
         Asking the wrong questions is the leading cause of wrong answers
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/

• Previous message (by thread): anycast (Re: .ORG problems this evening)
• Next message (by thread): anycast (Re: .ORG problems this evening)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]