ultradns reachability

Bill Woodcock woody at pch.net
Sat Jul 3 13:41:42 UTC 2004


On Fri, 2 Jul 2004, Stephen J. Wilcox wrote:
> 10.1.0.1 Anycast1 (x50 boxes)
> 10.2.0.1 Anycast2 (x50 boxes - different to anycast1)
> In each scenario two systems have to fail to take out any one customer.. but
> isn't the bottom one better for the usual pro anycast reasons?

Correct, and that's what's done whenever engineering triumphs over
marketing.  The problem is that there's always a temptation to put
instances of both clouds at a single physical location, but that's
sabotaging yourself, since then the attack which takes down one will take
down the other as well.

With DNS, it really makes sense to do what you're suggesting, since DNS
has its own internal load-balancing function, and having two separate
clouds just means that you're giving both the anycast and the DNS client
load-balancing algorithms a chance to work.  With pretty much any other
protocol (except peer-to-peer clients, which also mostly do client-side
load balancing) there's a big temptation to have a single huge cloud that
appears in as many places as possible.

                                -Bill
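
An inventory check for the co-location problem described in the message above, as an added example that is not part of the original post. The two service addresses come from the quoted text; the site names, vantage points and catchment data are constructed, and the failure model (a site stops answering but routes do not reconverge) is an assumption.

```python
from collections import defaultdict

# Constructed inventory: (cloud service address, physical site). Addresses are
# the two from the quoted message; site names are made up for illustration.
INSTANCES = [
    ("10.1.0.1", "site-a"), ("10.1.0.1", "site-b"), ("10.1.0.1", "site-c"),
    ("10.2.0.1", "site-c"), ("10.2.0.1", "site-d"), ("10.2.0.1", "site-e"),
]

# Constructed catchments: for each vantage point, the site its anycast route
# currently lands on for each cloud (e.g. gathered from per-site probes).
CATCHMENTS = {
    "vantage-1": {"10.1.0.1": "site-a", "10.2.0.1": "site-d"},
    "vantage-2": {"10.1.0.1": "site-c", "10.2.0.1": "site-c"},
    "vantage-3": {"10.1.0.1": "site-b", "10.2.0.1": "site-c"},
}

def colocated_sites(instances):
    """Sites that host instances of more than one cloud."""
    clouds_at = defaultdict(set)
    for cloud, site in instances:
        clouds_at[site].add(cloud)
    return sorted(s for s, clouds in clouds_at.items() if len(clouds) > 1)

def shared_fate_vantages(catchments):
    """Vantage points whose routes for every cloud land on the same site."""
    return sorted(v for v, routes in catchments.items()
                  if len(routes) > 1 and len(set(routes.values())) == 1)

def surviving_clouds(catchments, failed_site):
    """Per vantage point, the clouds still answering if failed_site goes dark.
    Assumption: routes do not reconverge (the site stays announced but
    cannot answer, as under an attack)."""
    return {v: sorted(c for c, s in routes.items() if s != failed_site)
            for v, routes in catchments.items()}

if __name__ == "__main__":
    print("co-located sites:", colocated_sites(INSTANCES))
    print("shared-fate vantage points:", shared_fate_vantages(CATCHMENTS))
    for site in colocated_sites(INSTANCES):
        print(site, "down ->", surviving_clouds(CATCHMENTS, site))
```

A vantage point with an empty list in the last report loses both clouds to a single site failure, which is the case the message says to avoid.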




