DNS pulling BGP routes?

Matthew Petach mpetach at netflight.com
Sat Oct 16 19:40:15 UTC 2021


On Wed, Oct 13, 2021 at 6:26 AM Masataka Ohta <
mohta at necom830.hpcl.titech.ac.jp> wrote:

> Matthew Petach wrote:
>
> >>> With an anycast setup using the same IP addresses in every
> >>> location, returning SERVFAIL doesn't have the same effect,
> >>> however, because failing over from anycast address 1 to
> >>> anycast address 2 is likely to be routed to the same pop
> >>> location, where the same result will occur.
> >>
> >> That's why that is a bad idea. Alternative name servers with
> >> different IP addresses should be provided at separate locations.
>
> > Sure.  But that doesn't do anything to help prevent the
> > type of outage that hit Facebook, which was the point I
> > was trying to make in my response. Facebook did use > different IP
> addresses, and it didn't matter, because the
>  > underlying health of the network is what was at issue,
>  > not the health of the nameservers.
>
> A possible solution is to force unbundling of CDN providers and
> transit providers by antitrust agencies.
>

Other people have already spoken to the misunderstanding or
misuse of the terms "CDN provider" and "transit provider" in this
case.

I'd like to take a moment to point out the other problem with this
sentence, which is "antitrust agencies".

One of the key aspects to both CDN providers and transit
providers is they tend to be multi-national organizations with
infrastructure in multiple countries on multiple continents.

A CDN provider that only exists in one city is a hosting
company, not a CDN.

A transit provider that only provides network connectivity
in one city, or one state, isn't a very valuable transit
provider, since the implicit (and sometimes explicit) promise
the transit network is making to their customers is that they
will carry their IP traffic to the rest of the world, ensuring as
best as they can that their prefixes are visible to others,
and that their packets are carried to other networks, wherever
they may be.

You won't be terribly successful as a transit provider if your
business model is to "carry traffic for your customers all the
way to the edges of the city", or "carry your traffic anywhere
within the country it needs to go, but discard it if it needs to
go outside the country."

So, given that both our CDN provider and our transit network
provider operate in more than one country, what "antitrust
agency" would have jurisdiction over the CDN provider and
the transit provider that could force unbundling of their
services?

What if every country the CDN provider and the transit
provider operate in has a different definition of what it
means to "unbundle" the services?


Then, CDN providers can't pursue efficiency only to kill
> fundamental redundancy of DNS.
>
> For network neutrality, backbone providers *MUST* be neutral
> for contents they carry.
>

Nothing at all requires backbone providers to be neutral.

Backbone networks are free to restrict what traffic or content
passes across their networks.  Indeed, many backbone providers
include in their terms of service lists of traffic that they reserve the
right to block or discard.  Most of the time, those clauses are focused
on traffic which may be injurious to the backbone network or the systems
that support it; but even DDoS traffic which isn't itself injurious to the
backbone, but does impact other customers, may be dropped at the
backbone providers' discretion.


We should recognize the fundamental difference between
> independent, thus neutral, backbone providers and
> CDN providers with anti-neutral backbone of their own.


Others have, I think, already addressed more directly their
fundamental disagreement with that statement.   ^_^;


>                                                 Masataka Ohta
>
>
Thanks!   :)

Matt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20211016/835310aa/attachment.html>


More information about the NANOG mailing list