Numbering nameservers and resolvers
jgreco at ns.sol.net
Tue Aug 17 08:26:08 CDT 2010
> One of my former employers backhauled all their legacy nameservers to a
> single site, eg: e[0-2].ns.voyager.net.
> While they were originally on diverse subnets and geographical
> locations, this appears to have changed.
As one of the people who originally worked on that setup, I'll note that
they're all being announced by 7321, which is certainly not the ideal
for purposes of diversity, but I notice some variation in the ping times,
so it's not clear to me that there's a reliable basis for expecting that
they're not at least diverse geographically.
The original locations were in Dayton, Kalamazoo, and New Berlin, all
of which are several ms away from Chicago, and while several of the
facilities have been shuffled around or closed, it's not clear that
there aren't still nameservers in those states. AS diversity wasn't
there for all that long to begin with; I seem to recall that a lot of
it was being announced from 8011 as the integration efforts went on.
It seems to me that for very small or very large organizations, there
are significant benefits to finding AS diversity, but for mid-size
ones, the picture is a bit less clear. In the Voyager case, the
existence of separate networks was something that came along as more
of a bonus and side effect of acquisitions, and nameserver engineering
took advantage of it, but network engineering's goal was to get all
the networks integrated and connected, so eventually things got rolled
into 8011. That would definitely count as somewhat suboptimal from
the point of nameserver reliability, but the network grew generally
more reliable since there weren't twenty slightly different ways of
doing things and lots of legacy crud that neteng needed to "just know".
While that did a lot to increase the overall reliability of the network,
it certainly is putting your eggs all in one basket, and then you have
to be ready for the hazards. We had, for example, this guy in Michigan
who liked to load up routers in remote locations with unreleased
versions of Cisco code that he'd get from his contacts at Cisco, which
led to several cases of network downtime when they didn't work as
expected (or at all). I believe that Wisconsin network engineering
was generally fearful that one day it would turn ugly and something
bad would happen that would take down the whole network; this is the
downside to having less compartmentalization.
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam (CNN)
With 24 million small businesses in the US alone, that's way too many apples.