DNS anycasting - multiple DNS servers on same subnet Vs registrar/registry policies

Jimmy Hess mysidia at gmail.com
Tue May 29 04:58:00 UTC 2012


On 5/28/12, David Conrad <drc at virtualized.org> wrote:
> On May 28, 2012, at 11:51 AM, Anurag Bhatia wrote:
>> I know few registry/registrars
>> which do not accept both (or all) name servers of domain name on same
>> subnet. They demand at least 1 DNS server should be on different subnet for
>> failover reasons (old thoughts).
> IMHO appropriately so.  The fact that anycast allows for multiple
> (potentially) geographically distributed machines to respond to DNS queries
> does not remove the value of having multiple prefixes for DNS servers.
[snip]
It dramatically reduces the value, and meets the basic RFC requirement
for geographically distributed DNS servers, although there are still
routing issues that will impact all DNS servers that share a prefix.
It is more important that a domain registrar not refuse to register a
domain, or erroneously declare a valid listing invalid.

The purpose of using a registrar is to establish DNS delegation, not
to validate your site's redundancy meets the absolute best possible
practices for fault tolerance.

Ideally you certainly should have DNS servers under multiple prefixes --
and it seems a little bit silly to go through all the trouble of
implementing a complicated anycast geo. dist scheme, while ignoring
a simpler failure mode. It's your choice.

It's not appropriately so for a registrar to say anything your choice;
that's your network, not theirs. By the same token the registrar can't
tell you not to alias all 3 IP addresses on different subnets to the
same physical server.

Again, it's ill-advised, but a "mistake" that has nothing to do with
the registrar's network or the registration service.

--
-JH