Internet vulnerabilities

Richard A Steenbergen ras at e-gerbil.net
Mon Jul 8 02:02:27 UTC 2002


On Sun, Jul 07, 2002 at 08:37:55PM -0400, Stephen Griffin wrote:
> 
> In the referenced message, Rodney Joffe said:
> > Just as a guess, Marshall is probably thinking of using anycast for
> > something other than DNS, like http, or ftp, or telnet. And he's
> > wondering about state ;-)
> 
> If you don't use per-packet type load-sharing, but something like
> per-flow, or per-src/dst-hash, then you can use anycast for protocols
> which require state (including tcp or other connection-oriented protocols,
> for that matter).
> 
> Worst-case when the server you are communicating with fails, the
> connection is broken, much as it would had anycast not been in use.

I think the problem they are referring to is what happens if your routing 
topology changes (or worse, flaps). A stateful connection (like TCP) which 
would have stayed up during a routing change could potentially be shifted 
to a different server which obviously wouldn't know the other one's state. 
Perhaps not terrible for a web server and for recovering from a network 
outage, but I'd imagine it would be pretty annoying if you managed to 
develop a persistent oscillation.

That is why people use anycast DNS to refer the requester to the closest
server via regular IP, based on which server the request hits. Of
course then there is no failover, but that's life. DNS is also more
scalable for doing anycast with customers. Which method to use is up to
you. :)

-- 
Richard A Steenbergen <ras at e-gerbil.net>       http://www.e-gerbil.net/ras
PGP Key ID: 0x138EA177  (67 29 D7 BC E8 18 3E DA  B2 46 B3 D8 14 36 FE B6)
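To make the thread's distinction concrete (per-packet vs per-flow load sharing for anycast TCP, what a reroute does to an established flow, and why a DNS referral to a unicast address sidesteps the problem), here is an added Python model; it is not code from the thread, and the server names, addresses and the ECMP bucket reordering it uses are constructed.

```python
"""Toy model of anycast with stateful TCP: per-packet vs per-flow load sharing,
and what a routing change does to an established flow. Constructed example."""
import hashlib
from typing import Dict, List, Set, Tuple

Flow = Tuple[str, int, str, int]  # (src_ip, src_port, dst_ip, dst_port)

def flow_hash(flow: Flow) -> int:
    """Deterministic src/dst hash, standing in for a router's per-flow ECMP hash."""
    return int(hashlib.sha256(repr(flow).encode()).hexdigest(), 16)

def pick_next_hop(flow: Flow, hops: List[str], per_packet: bool, seq: int) -> str:
    """Per-packet sharing rotates on every packet; per-flow maps the hash to a bucket."""
    idx = seq if per_packet else flow_hash(flow)
    return hops[idx % len(hops)]

def run_session(hop_sets: List[List[str]], flow: Flow, per_packet: bool) -> Tuple[int, str]:
    """Forward one packet of a TCP session per entry of hop_sets, where hop_sets[i] is the
    ECMP next-hop list in effect when packet i is forwarded (a change models a reroute).
    Returns (packets accepted by the server holding the state, how the session ended)."""
    state: Dict[str, Set[Flow]] = {}      # server -> flows it has connection state for
    accepted = 0
    for seq, hops in enumerate(hop_sets):
        server = pick_next_hop(flow, hops, per_packet, seq)
        if seq == 0:                      # SYN: the server that receives it creates state
            state.setdefault(server, set()).add(flow)
        if flow not in state.get(server, set()):
            return accepted, f"reset by {server}: no state for this flow"
        accepted += 1
    return accepted, "closed normally"

def dns_referral(flow: Flow, hops: List[str], unicast: Dict[str, str]) -> List[List[str]]:
    """Anycast DNS answer: refer the client to the unicast address of the server the
    query landed on, so the TCP session itself never depends on anycast routing."""
    chosen = pick_next_hop(flow, hops, per_packet=False, seq=0)
    return [[unicast[chosen]]] * 6

FLOW: Flow = ("198.51.100.7", 40123, "203.0.113.1", 80)   # constructed client -> anycast VIP
STABLE = [["srvA", "srvB", "srvC"]] * 6
RE_ROUTED = [["srvA", "srvB", "srvC"]] * 3 + [["srvB", "srvC", "srvA"]] * 3  # bucket order shifts
UNICAST = {"srvA": "192.0.2.10", "srvB": "192.0.2.20", "srvC": "192.0.2.30"}  # constructed

if __name__ == "__main__":
    print("per-packet, stable    :", run_session(STABLE, FLOW, per_packet=True))
    print("per-flow,   stable    :", run_session(STABLE, FLOW, per_packet=False))
    print("per-flow,   rerouted  :", run_session(RE_ROUTED, FLOW, per_packet=False))
    print("dns referral, rerouted:", run_session(dns_referral(FLOW, STABLE[0], UNICAST), FLOW, False))
```

Per-packet sharing breaks the session on the second packet, per-flow sharing survives while the next-hop set is stable but loses the flow once the reroute shifts the hash bucket, and the DNS-referred session rides on a single unicast next hop throughout.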
