[dns-operations] Anycast vs. unicast NS

Joe Abley jabley at hopcount.ca
Fri Mar 18 16:28:41 UTC 2011


On 2011-03-18, at 08:32, Jim Reid wrote:

> Well if all the DNS servers are anycast, that in itself becomes a single point of failure.

Not at all speaking for Afilias these days, but Afilias TLDs are served by two anycast clouds -- one operated by Afilias, and a second operated by a third party. Each cloud is operated by different people, according to different operational processes.

While it's philosophically feasible that there is some anycast-specific failure mode that might afflict both together, which might lead people to think that the use of anycast is a single point of failure, I'll observe that I have never heard of such a failure to date.

Whilst including unicast (by which I mean non-anycast) servers in an NS set might seem like a good idea, favouring operational diversity, it's my experience that there are many other things more likely to take an individual nameserver off-line than an anycast-specific effect, and such a strategy in many cases is likely to optimise the wrong thing.


Joe



