anycast (Re: .ORG problems this evening)

• Previous message (by thread): anycast (Re: .ORG problems this evening)
• Next message (by thread): anycast (Re: .ORG problems this evening)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

DGA> Date: Mon, 22 Sep 2003 18:32:19 -0400
DGA> From: David G. Andersen


DGA> The whole problem with only listing two anycast servers is that
DGA> you leave yourself vulnerable to other kinds of faults.  Your
DGA> upstream ISP fat-fingers "ip route 64.94.110.11 null0" and
DGA> accidentally blitzes the netblock from which the anycast servers
DGA> are announced.  A router somewhere between customers and the

And this is peculiar to anycast?


DGA> anycast servers stops forwarding traffic, or starts corrupting

And this is peculiar to anycast?


DGA> transit data, without interrupting its route processing.
DGA> packet filters get misconfigured..

And this is peculiar to anycast?


DGA> Route updates in BGP take a while to propagate.  Much longer
DGA> than the 15ms RTT from me to, say, a.root-server.net.  The application
DGA> retry in this context can be massively faster than waiting 30+ seconds
DGA> for a BGP update interval.

If a location goes dark, that's a problem.  With redundant
machines locally anycasted and inter-location transport, it
becomes a question of border router and peer reliability.


DGA> The availability of the DNS is now co-mingled with the success
DGA> of the magic route tweak code;  the resulting system is a fair

The availability of * is co-mingled with the success of the gear
advertising its prefixes.

The difference between standard multihoming and anycast is that
the behind-the-scenes stuff happens to be on different machines
in different locations.


DGA> bit more complex than simply running a bunch of different
DGA> DNS servers.   God forbid that zebra ever has bugs...
DGA>
DGA>   http://www.geocrawler.com/lists/3/GNU/372/0/

You assume zebra is the only option.  Sure, it has bugs.  So do
Vendors C, J, and R.


DGA> In contrast, talking to a few DNS servers gives you an end-to-end
DGA> test of how well the service is working.

So splay is bad?


Eddy
--
Brotsman & Dreger, Inc. - EverQuick Internet Division
Bandwidth, consulting, e-commerce, hosting, and network building
Phone: +1 785 865 5885 Lawrence and [inter]national
Phone: +1 316 794 8922 Wichita
_________________________________________________________________
          DO NOT send mail to the following addresses :
  blacklist at brics.com -or- alfra at intc.net -or- curbjmp at intc.net
Sending mail to spambait addresses is a great way to get blocked.

• Previous message (by thread): anycast (Re: .ORG problems this evening)
• Next message (by thread): anycast (Re: .ORG problems this evening)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]