ISP network design of non-authoritative caches
randy at psg.com
Sat Nov 17 15:35:58 UTC 2001
> dnsops is for operators of authoritative name servers.
dnsop (note singular) is for non-protocol, but still technical, aspects
of the dns. i am not aware of an ietf wg which limits parcipitation by
occupation. if you want cliques, go to icann :-).
> Instead of a set of authoritative servers, the servers which actually
> deliver direct DNS service to users/hosts are non-authoritative,
> caching servers.
some measurements show a large number of combo servers, i.e. they are
authoritative for their local domain(s), say foo.com, but also act as
recursive caching servers for the users of a site.
> During the boom times, ISPs couldn't individually configure millions
> of DNS clients. They generally told subscribers to use two statically
> configured name servers, or more recently used DHCP to set them. Several
> national ISPs, including the one I use, with millions of subscribers,
> appear to still do this.
> We know this isn't good engineering practice
well, actually, a number of the large providers use many servers at the
same v4 anycast address. so they get fairly rich geographic/topologic
dispersion, but don't confuse users with a dozen addresses. i consider
this reasonably good engineering practice. ymmv.
setting up the routing for this is a bit of a hack, but not all that
hard. and the magma wg's work may give us some simpler tools.
> Is there a white paper, best common practice, or book which shows
> the naive ISP (whether they have 10 or 10 million subscribers) how
> to architect their DNS system?
not of which i am aware. wanna help write a dnsop i-d?
More information about the NANOG