[dns-operations] Too Open (Was: OpenDNS makes your Internet work better

Brad Knowles brad at stop.mail-abuse.org
Thu Jul 13 23:35:49 UTC 2006

At 4:27 PM -0700 2006-07-13, Bill Woodcock wrote:

>  Anybody who goes to the trouble of deploying an anycast network would
>  presumably not deviate so far from established practice as to shoot
>  themselves in the foot in the manner you hypothesize.  In a finished
>  production environment.

UltraDNS is the real-world counter-example.  They deployed an 
operational network as a TLD operator, and as a domain outsourcing 
company hosting thousands upon thousands of domains, they did it in a 
anycast-only manner, and then they proceeded to have various clusters 
break at different times.

For those parts of the Internet that were served by those broken 
clusters, all zones hosted by UltraDNS (including their TLDs) were 
completely unreachable.

So far as I know, they continue to operate in this very same mode today.

Brad Knowles, <brad at stop.mail-abuse.org>

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."

     -- Benjamin Franklin (1706-1790), reply of the Pennsylvania
     Assembly to the Governor, November 11, 1755

  Founding Individual Sponsor of LOPSA.  See <http://www.lopsa.org/>.

More information about the dns-operations mailing list