/8 end user assignment?

Paul Vixie vixie at vix.com
Sat Aug 6 17:45:13 UTC 2005


iljitsch at muada.com (Iljitsch van Beijnum) writes:

> On 5-aug-2005, at 15:55, Joe Abley wrote:
> 
> > It is of course possible to construct networks through which TCP
> > behaves very poorly with anycasted services. This does not mean that
> > TCP is fundamentally incompatible with anycast.
> 
> It does mean that if people want to anycast services that run over TCP
> (even just a small part of the time, such as DNS) they should make sure
> this works well.

it's working fine for 30+ instances of F-root.

> A good start is using different AS numbers for the anycast instances so
> (Cisco) routers won't load balance over the different paths.

we have not encountered a problem like this, even though all F-root anycast
instances use a consistent origin-AS.  my belief, previously explained here,
is that anyone who turns on multipath-EGP (rather than multipath-IGP) is
going to have a boatload of other problems before they ever get around to
noticing whether TCP is working toward anycasted servers.  (OSPF ECMP is,
i believe, on-by-default; multipath-BGP is, i am sure, off-by-default.)

> But all of this is irrelevant to the discussion at hand, unless I missed
> something big and DNS over TCP has now been deprecated. If that's the
> case, the appropriate action is to disable TCP queries in the software,
> not to avoid TCP queries by keeping response sizes small.

agreed.  (that TCP isn't a problem.)

> But my original point was that you won't go over the non-EDNS0 limit  
> for normal queries with less than a dozen AAAA records anyway.

disagreed.  (because DNSSEC is coming.)
-- 
Paul Vixie



More information about the NANOG mailing list