DNS anycasting - multiple DNS servers on same subnet Vs registrar/registry policies
Jimmy Hess
mysidia at gmail.com
Tue May 29 04:58:00 UTC 2012
On 5/28/12, David Conrad <drc at virtualized.org> wrote:
> On May 28, 2012, at 11:51 AM, Anurag Bhatia wrote:
>> I know few registry/registrars
>> which do not accept both (or all) name servers of domain name on same
>> subnet. They demand at least 1 DNS server should be on different subnet for
>> failover reasons (old thoughts).
> IMHO appropriately so. The fact that anycast allows for multiple
> (potentially) geographically distributed machines to respond to DNS queries
> does not remove the value of having multiple prefixes for DNS servers.
[snip]
It dramatically reduces the value, and meets the basic RFC requirement
for geographically distributed DNS servers, although there are still
routing issues that will impact all DNS servers that share a prefix.

It is more important that a domain registrar not refuse to register a
domain, or erroneously declare a valid listing invalid.

The purpose of using a registrar is to establish DNS delegation, not
to validate your site's redundancy meets the absolute best possible
practices for fault tolerance.

Ideally you certainly should have DNS servers under multiple prefixes --
and it seems a little bit silly to go through all the trouble of
implementing a complicated anycast geo. dist scheme, while ignoring
a simpler failure mode. It's your choice.

It's not appropriately so for a registrar to say anything your choice;
that's your network not theirs. By the same token the registrar can't
tell you not to alias all 3 IP addresses on different subnets to the
same physical server.

Again, it's ill-advised, but a "mistake" that has nothing to do with
the registrar's network or the registration service.
--
-JH
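
Added example, not part of the original message or of any registrar's tooling: a Python check of the kind the thread discusses, which groups a delegation's name server addresses by covering prefix and reports diversity separately for IPv4 and IPv6, since a resolver limited to one family only reaches that family's addresses. The function names, the /24 and /48 prefix lengths, and the sample addresses (documentation ranges) are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict

# Assumption: /24 (IPv4) and /48 (IPv6) stand in for "one routed prefix";
# adjust to the prefixes you actually announce.
PREFIX_LEN = {4: 24, 6: 48}

def covering_prefix(address, prefix_len=PREFIX_LEN):
    """Return the network of the configured length that contains address."""
    ip = ipaddress.ip_address(address)
    return ipaddress.ip_network(f"{ip}/{prefix_len[ip.version]}", strict=False)

def audit_delegation(nameservers, prefix_len=PREFIX_LEN):
    """Group name server addresses by covering prefix, per address family.

    nameservers maps a name server host name to its list of addresses.
    A family is 'diverse' only if its addresses fall in two or more prefixes,
    because a resolver limited to that family can reach only those addresses.
    """
    groups = {4: defaultdict(set), 6: defaultdict(set)}
    for host, addresses in nameservers.items():
        for address in addresses:
            net = covering_prefix(address, prefix_len)
            groups[net.version][str(net)].add(host)
    report = {}
    for version, prefixes in groups.items():
        if prefixes:  # skip families the delegation does not use
            report[version] = {
                "prefixes": {p: sorted(h) for p, h in sorted(prefixes.items())},
                "diverse": len(prefixes) >= 2,
            }
    return report

# Constructed sample data using documentation address ranges (RFC 5737, RFC 3849).
SAME_SUBNET = {
    "ns1.example.net": ["192.0.2.10", "2001:db8:1::53"],
    "ns2.example.net": ["192.0.2.20", "2001:db8:2::53"],
}
SPLIT = {
    "ns1.example.net": ["192.0.2.10"],
    "ns2.example.net": ["198.51.100.20"],
}

if __name__ == "__main__":
    for label, zone in (("same subnet", SAME_SUBNET), ("split", SPLIT)):
        for version, result in audit_delegation(zone).items():
            print(label, f"IPv{version}", result)
```

In the first sample the IPv6 addresses sit in two prefixes while both IPv4 addresses share one, so counting prefixes across families would hide the IPv4 single point of failure. The check cannot see the other case raised above, addresses in different prefixes aliased to one physical server.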