Authoritative Resources for Public DNS Pinging
Grant Taylor
gtaylor at tnetconsulting.net
Fri Feb 11 16:35:23 UTC 2022
On 2/11/22 7:58 AM, Jon Lewis wrote:
> 8.8.8.8 is already anycasted. What if each large ISP (for whatever
> definition of large floats your boat) setup their own internal
> instance(s) of 8.8.8.8 with a caching DNS server listening, and handled
> the traffic without bothering GOOG?
I've pontificated doing this. On one hand I think it's a neat technical
solution. On the other hand I think how ... displeased I would be if
someone were to anycast one of my services without my knowledge, much
less consent for them to do so. Thus I've never done it where I had a
choice.
I believe that anycasting resources from another organization /without/
their consent is a hard fail and non-starter. Independent of how pure
the intentions are.
> For users using 8.8.8.8 as a lighthouse, this would change the meaning
> of their test...i.e. a response means their connection to their ISP is
> up, and the ISP's network works at least enough to reach an internal
> 8.8.8.8, but the question of their connectivity to the rest of the
> Internet would be unanswered.
I say "where I had a choice" because I have anycasted 8.8.8.8 (for ICMP
and DNS) in an offline lab ~> D.R. exercise environment /explicitly/
because other systems therein had been configured to test reach ability
to 8.8.8.8 et al. Thus my hand was forced /inside/ the D.R. environment.
--
Grant. . . .
unix || die
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4017 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20220211/579e0bcc/attachment.bin>
More information about the NANOG
mailing list